Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-26017 (GCVE-0-2026-26017)
Vulnerability from cvelistv5 – Published: 2026-03-06 15:36 – Updated: 2026-03-06 16:06
VLAI
EPSS
Title
CoreDNS ACL Bypass
Summary
CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.
Severity
7.7 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/coredns/coredns/security/advis… | x_refsource_CONFIRM |
| https://github.com/coredns/coredns/releases/tag/v1.14.2 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26017",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-06T16:06:32.284525Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T16:06:41.093Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "coredns",
"vendor": "coredns",
"versions": [
{
"status": "affected",
"version": "\u003c 1.14.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T15:36:15.655Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr"
},
{
"name": "https://github.com/coredns/coredns/releases/tag/v1.14.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
}
],
"source": {
"advisory": "GHSA-c9v3-4pv7-87pr",
"discovery": "UNKNOWN"
},
"title": "CoreDNS ACL Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-26017",
"datePublished": "2026-03-06T15:36:15.655Z",
"dateReserved": "2026-02-09T21:36:29.554Z",
"dateUpdated": "2026-03-06T16:06:41.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-26017",
"date": "2026-06-16",
"epss": "0.00305",
"percentile": "0.21937"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-26017\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-06T16:16:10.397\",\"lastModified\":\"2026-03-09T20:31:14.997\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-367\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:coredns.io:coredns:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.14.2\",\"matchCriteriaId\":\"B72A7A10-A05D-47A2-93A8-076E4C944D23\"}]}]}],\"references\":[{\"url\":\"https://github.com/coredns/coredns/releases/tag/v1.14.2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-26017\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-06T16:06:32.284525Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-06T16:06:35.183Z\"}}], \"cna\": {\"title\": \"CoreDNS ACL Bypass\", \"source\": {\"advisory\": \"GHSA-c9v3-4pv7-87pr\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"coredns\", \"product\": \"coredns\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.14.2\"}]}], \"references\": [{\"url\": \"https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr\", \"name\": \"https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/coredns/coredns/releases/tag/v1.14.2\", \"name\": \"https://github.com/coredns/coredns/releases/tag/v1.14.2\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-367\", \"description\": \"CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-06T15:36:15.655Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-26017\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-06T16:06:41.093Z\", \"dateReserved\": \"2026-02-09T21:36:29.554Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-06T15:36:15.655Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0299
Vulnerability from certfr_avis - Published: 2026-03-16 - Updated: 2026-03-16
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | azl3 coredns 1.11.4-14 versions antérieures à 1.11.4-15 | ||
| Microsoft | N/A | azl3 giflib 5.2.1-10 versions antérieures à 5.2.1-11 | ||
| Microsoft | N/A | cbl2 coredns 1.11.1-25 versions antérieures à 1.11.1-26 | ||
| Microsoft | N/A | azl3 azurelinux-image-tools 1.2.0-1 versions antérieures à 1.2.0-2 | ||
| Microsoft | N/A | cbl2 giflib 5.2.1-10 versions antérieures à 5.2.1-11 | ||
| Microsoft | N/A | azl3 golang 1.26.0-1 versions antérieures à 1.26.1-1 | ||
| Microsoft | N/A | azl3 golang 1.25.7-1 versions antérieures à 1.25.8-1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "azl3 coredns 1.11.4-14 versions ant\u00e9rieures \u00e0 1.11.4-15",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 giflib 5.2.1-10 versions ant\u00e9rieures \u00e0 5.2.1-11",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 coredns 1.11.1-25 versions ant\u00e9rieures \u00e0 1.11.1-26",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 azurelinux-image-tools 1.2.0-1 versions ant\u00e9rieures \u00e0 1.2.0-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 giflib 5.2.1-10 versions ant\u00e9rieures \u00e0 5.2.1-11",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 golang 1.26.0-1 versions ant\u00e9rieures \u00e0 1.26.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 golang 1.25.7-1 versions ant\u00e9rieures \u00e0 1.25.8-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-27138",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27138"
},
{
"name": "CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"name": "CVE-2026-26018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26018"
},
{
"name": "CVE-2026-26017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26017"
},
{
"name": "CVE-2026-23868",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23868"
},
{
"name": "CVE-2026-27141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27141"
}
],
"initial_release_date": "2026-03-16T00:00:00",
"last_revision_date": "2026-03-16T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0299",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2026-03-08",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26018",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26018"
},
{
"published_at": "2026-03-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23868",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23868"
},
{
"published_at": "2026-03-08",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26017",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26017"
},
{
"published_at": "2026-03-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27141",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27141"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27138",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27138"
},
{
"published_at": "2026-03-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27137",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27137"
}
]
}
cleanstart-2026-vj54611
Vulnerability from cleanstart
Published
2026-05-21 08:11
Modified
2026-05-20 18:52
Summary
Security fixes for CVE-2025-13281, CVE-2025-47950, CVE-2025-5187, CVE-2025-58063, CVE-2025-64702, CVE-2025-68151, CVE-2026-26017, CVE-2026-26018, CVE-2026-32934, CVE-2026-32936, CVE-2026-33190, CVE-2026-33489, CVE-2026-33811, CVE-2026-33814, CVE-2026-35579, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-2wpx-qpw2-g5h5, ghsa-4x4m-3c2p-qppc, ghsa-527x-5wrf-22m2, ghsa-63cw-r7xf-jmwr, ghsa-93mf-426m-g6x9, ghsa-c9v3-4pv7-87pr, ghsa-cvx7-x8pj-x2gw, ghsa-g754-hx8w-x2g6, ghsa-h75p-j8xm-m278, ghsa-h8mm-c463-wjq3, ghsa-qhmp-q7xh-99rh, ghsa-r6j8-c6r2-37rr, ghsa-vp29-5652-4fw9 applied in versions: 1.25.0-r2
Details
Multiple security vulnerabilities affect the kubernetes-dns-node-cache package. These issues are resolved in later releases. See references for individual vulnerability details.
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes-dns-node-cache"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.25.0-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes-dns-node-cache package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VJ54611",
"modified": "2026-05-20T18:52:19Z",
"published": "2026-05-21T08:11:44.432468Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VJ54611.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-13281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47950"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-5187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58063"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-64702"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68151"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26017"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26018"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32936"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33489"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42501"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2wpx-qpw2-g5h5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4x4m-3c2p-qppc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-527x-5wrf-22m2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-63cw-r7xf-jmwr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-93mf-426m-g6x9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c9v3-4pv7-87pr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cvx7-x8pj-x2gw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-g754-hx8w-x2g6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h75p-j8xm-m278"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h8mm-c463-wjq3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qhmp-q7xh-99rh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r6j8-c6r2-37rr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vp29-5652-4fw9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47950"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58063"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64702"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68151"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26018"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32936"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33489"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39817"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39819"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39823"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39825"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39826"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42501"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-13281, CVE-2025-47950, CVE-2025-5187, CVE-2025-58063, CVE-2025-64702, CVE-2025-68151, CVE-2026-26017, CVE-2026-26018, CVE-2026-32934, CVE-2026-32936, CVE-2026-33190, CVE-2026-33489, CVE-2026-33811, CVE-2026-33814, CVE-2026-35579, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-2wpx-qpw2-g5h5, ghsa-4x4m-3c2p-qppc, ghsa-527x-5wrf-22m2, ghsa-63cw-r7xf-jmwr, ghsa-93mf-426m-g6x9, ghsa-c9v3-4pv7-87pr, ghsa-cvx7-x8pj-x2gw, ghsa-g754-hx8w-x2g6, ghsa-h75p-j8xm-m278, ghsa-h8mm-c463-wjq3, ghsa-qhmp-q7xh-99rh, ghsa-r6j8-c6r2-37rr, ghsa-vp29-5652-4fw9 applied in versions: 1.25.0-r2",
"upstream": [
"CVE-2025-13281",
"CVE-2025-47950",
"CVE-2025-5187",
"CVE-2025-58063",
"CVE-2025-64702",
"CVE-2025-68151",
"CVE-2026-26017",
"CVE-2026-26018",
"CVE-2026-32934",
"CVE-2026-32936",
"CVE-2026-33190",
"CVE-2026-33489",
"CVE-2026-33811",
"CVE-2026-33814",
"CVE-2026-35579",
"CVE-2026-39817",
"CVE-2026-39819",
"CVE-2026-39820",
"CVE-2026-39823",
"CVE-2026-39825",
"CVE-2026-39826",
"CVE-2026-39836",
"CVE-2026-42499",
"CVE-2026-42501",
"ghsa-2wpx-qpw2-g5h5",
"ghsa-4x4m-3c2p-qppc",
"ghsa-527x-5wrf-22m2",
"ghsa-63cw-r7xf-jmwr",
"ghsa-93mf-426m-g6x9",
"ghsa-c9v3-4pv7-87pr",
"ghsa-cvx7-x8pj-x2gw",
"ghsa-g754-hx8w-x2g6",
"ghsa-h75p-j8xm-m278",
"ghsa-h8mm-c463-wjq3",
"ghsa-qhmp-q7xh-99rh",
"ghsa-r6j8-c6r2-37rr",
"ghsa-vp29-5652-4fw9"
]
}
FKIE_CVE-2026-26017
Vulnerability from fkie_nvd - Published: 2026-03-06 16:16 - Updated: 2026-03-09 20:31
Severity
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/coredns/coredns/releases/tag/v1.14.2 | Product, Release Notes | |
| security-advisories@github.com | https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| coredns.io | coredns | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:coredns.io:coredns:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B72A7A10-A05D-47A2-93A8-076E4C944D23",
"versionEndExcluding": "1.14.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2."
},
{
"lang": "es",
"value": "CoreDNS es un servidor DNS que encadena plugins. Antes de la versi\u00f3n 1.14.2, una vulnerabilidad l\u00f3gica en CoreDNS permite que los controles de acceso DNS sean eludidos debido al orden de ejecuci\u00f3n predeterminado de los plugins. Plugins de seguridad como acl son evaluados antes del plugin rewrite, lo que resulta en una falla de Tiempo de Verificaci\u00f3n Tiempo de Uso (TOCTOU). Este problema ha sido parcheado en la versi\u00f3n 1.14.2."
}
],
"id": "CVE-2026-26017",
"lastModified": "2026-03-09T20:31:14.997",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-03-06T16:16:10.397",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Product",
"Release Notes"
],
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
GHSA-C9V3-4PV7-87PR
Vulnerability from github – Published: 2026-03-06 18:04 – Updated: 2026-04-27 13:53
VLAI
Summary
CoreDNS ACL Bypass
Details
A logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw.
Impact
In multi-tenant Kubernetes clusters, this flaw undermines DNS-based segmentation strategies.
Example scenario: 1. ACL blocks access to *.admin.svc.cluster.local 2. A rewrite rule maps public-name → admin.svc.cluster.local 3. An unprivileged pod queries public-name 4. ACL allows the request 5. Rewrite exposes the internal admin service IP
This allows unauthorized service discovery and reconnaissance of restricted internal infrastructure.
Patches
Has the problem been patched? What versions should users upgrade to?
Workarounds
- Reorder the default plugin.cfg so that:
- rewrite and other normalization plugins run before acl, opa, and firewall
- Ensure all access control checks are applied after name normalization.
Severity
7.7 (High)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/coredns/coredns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.14.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-26017"
],
"database_specific": {
"cwe_ids": [
"CWE-367"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-06T18:04:00Z",
"nvd_published_at": "2026-03-06T16:16:10Z",
"severity": "HIGH"
},
"details": "A logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw.\n\n\n### Impact\n\nIn multi-tenant Kubernetes clusters, this flaw undermines DNS-based segmentation strategies.\n\nExample scenario:\n1. ACL blocks access to *.admin.svc.cluster.local\n2. A rewrite rule maps public-name \u2192 admin.svc.cluster.local\n3. An unprivileged pod queries public-name\n4. ACL allows the request\n5. Rewrite exposes the internal admin service IP\n\nThis allows unauthorized service discovery and reconnaissance of restricted internal infrastructure.\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\n### Workarounds\n\n- Reorder the default plugin.cfg so that:\n - rewrite and other normalization plugins run before acl, opa, and firewall\n- Ensure all access control checks are applied after name normalization.",
"id": "GHSA-c9v3-4pv7-87pr",
"modified": "2026-04-27T13:53:21Z",
"published": "2026-03-06T18:04:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017"
},
{
"type": "PACKAGE",
"url": "https://github.com/coredns/coredns"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "CoreDNS ACL Bypass"
}
MSRC_CVE-2026-26017
Vulnerability from csaf_microsoft - Published: 2026-03-02 00:00 - Updated: 2026-03-14 01:36Summary
CoreDNS ACL Bypass
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.7 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 20990-17084 | — | ||
| Unresolved product id: 20915-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-26017 CoreDNS ACL Bypass - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-26017.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "CoreDNS ACL Bypass",
"tracking": {
"current_release_date": "2026-03-14T01:36:50.000Z",
"generator": {
"date": "2026-03-14T07:12:41.872Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-26017",
"initial_release_date": "2026-03-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-03-08T01:01:21.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-03-09T14:36:34.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-03-11T01:01:14.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2026-03-14T01:36:50.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 coredns 1.11.4-14",
"product": {
"name": "\u003cazl3 coredns 1.11.4-14",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 coredns 1.11.4-14",
"product": {
"name": "azl3 coredns 1.11.4-14",
"product_id": "20990"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 coredns 1.11.1-25",
"product": {
"name": "\u003ccbl2 coredns 1.11.1-25",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 coredns 1.11.1-25",
"product": {
"name": "cbl2 coredns 1.11.1-25",
"product_id": "20915"
}
}
],
"category": "product_name",
"name": "coredns"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 coredns 1.11.4-14 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 coredns 1.11.4-14 as a component of Azure Linux 3.0",
"product_id": "20990-17084"
},
"product_reference": "20990",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 coredns 1.11.1-25 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 coredns 1.11.1-25 as a component of CBL Mariner 2.0",
"product_id": "20915-17086"
},
"product_reference": "20915",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-26017",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20990-17084",
"20915-17086"
],
"known_affected": [
"17084-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-26017 CoreDNS ACL Bypass - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-26017.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-08T01:01:21.000Z",
"details": "1.11.4-15:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2026-03-08T01:01:21.000Z",
"details": "1.11.1-26:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 7.7,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"17084-1",
"17086-2"
]
}
],
"title": "CoreDNS ACL Bypass"
}
]
}
OPENSUSE-SU-2026:10297-1
Vulnerability from csaf_opensuse - Published: 2026-03-07 00:00 - Updated: 2026-03-07 00:00Summary
coredns-1.14.2-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: coredns-1.14.2-1.1 on GA media
Description of the patch: These are all security issues fixed in the coredns-1.14.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10297
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.3 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2026-26017/ | self |
| https://www.suse.com/security/cve/CVE-2026-26018/ | self |
| https://www.suse.com/security/cve/CVE-2026-26017 | external |
| https://bugzilla.suse.com/1259320 | external |
| https://www.suse.com/security/cve/CVE-2026-26018 | external |
| https://bugzilla.suse.com/1259319 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "coredns-1.14.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the coredns-1.14.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10297",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10297-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26017 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26018 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26018/"
}
],
"title": "coredns-1.14.2-1.1 on GA media",
"tracking": {
"current_release_date": "2026-03-07T00:00:00Z",
"generator": {
"date": "2026-03-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10297-1",
"initial_release_date": "2026-03-07T00:00:00Z",
"revision_history": [
{
"date": "2026-03-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "coredns-1.14.2-1.1.aarch64",
"product": {
"name": "coredns-1.14.2-1.1.aarch64",
"product_id": "coredns-1.14.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "coredns-extras-1.14.2-1.1.aarch64",
"product": {
"name": "coredns-extras-1.14.2-1.1.aarch64",
"product_id": "coredns-extras-1.14.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "coredns-1.14.2-1.1.ppc64le",
"product": {
"name": "coredns-1.14.2-1.1.ppc64le",
"product_id": "coredns-1.14.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "coredns-extras-1.14.2-1.1.ppc64le",
"product": {
"name": "coredns-extras-1.14.2-1.1.ppc64le",
"product_id": "coredns-extras-1.14.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "coredns-1.14.2-1.1.s390x",
"product": {
"name": "coredns-1.14.2-1.1.s390x",
"product_id": "coredns-1.14.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "coredns-extras-1.14.2-1.1.s390x",
"product": {
"name": "coredns-extras-1.14.2-1.1.s390x",
"product_id": "coredns-extras-1.14.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "coredns-1.14.2-1.1.x86_64",
"product": {
"name": "coredns-1.14.2-1.1.x86_64",
"product_id": "coredns-1.14.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "coredns-extras-1.14.2-1.1.x86_64",
"product": {
"name": "coredns-extras-1.14.2-1.1.x86_64",
"product_id": "coredns-extras-1.14.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-1.14.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64"
},
"product_reference": "coredns-1.14.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-1.14.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le"
},
"product_reference": "coredns-1.14.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-1.14.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x"
},
"product_reference": "coredns-1.14.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-1.14.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64"
},
"product_reference": "coredns-1.14.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-extras-1.14.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64"
},
"product_reference": "coredns-extras-1.14.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-extras-1.14.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le"
},
"product_reference": "coredns-extras-1.14.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-extras-1.14.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x"
},
"product_reference": "coredns-extras-1.14.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "coredns-extras-1.14.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64"
},
"product_reference": "coredns-extras-1.14.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-26017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26017"
}
],
"notes": [
{
"category": "general",
"text": "CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26017",
"url": "https://www.suse.com/security/cve/CVE-2026-26017"
},
{
"category": "external",
"summary": "SUSE Bug 1259320 for CVE-2026-26017",
"url": "https://bugzilla.suse.com/1259320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-26017"
},
{
"cve": "CVE-2026-26018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26018"
}
],
"notes": [
{
"category": "general",
"text": "CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS\u0027s loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name, combined with a fatal error handler that terminates the entire process. This issue has been patched in version 1.14.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26018",
"url": "https://www.suse.com/security/cve/CVE-2026-26018"
},
{
"category": "external",
"summary": "SUSE Bug 1259319 for CVE-2026-26018",
"url": "https://bugzilla.suse.com/1259319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:coredns-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-1.14.2-1.1.x86_64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.aarch64",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.ppc64le",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.s390x",
"openSUSE Tumbleweed:coredns-extras-1.14.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-26018"
}
]
}
RHSA-2026:25127
Vulnerability from csaf_redhat - Published: 2026-06-10 20:51 - Updated: 2026-06-16 23:10Summary
Red Hat Security Advisory: Submariner v0.21 security fixes and container updates
Severity
Important
Notes
Topic: Submariner v0.21 General Availability release images, which provide enhancements, security fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Red Hat Advanced Cluster Management for Kubernetes v2.14
Details: Submariner is a Kubernetes operator that enables cross-cluster connectivity for services and pods, implementing KEP-1645 (Multi-Cluster Services API). After deploying the Submariner operator, it can enable direct networking between pods and services across different Kubernetes clusters.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Vendor Fix
fix
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Threats
Impact
Moderate
Multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent connections, streams, or sending oversized request bodies. The issue is similar in nature to CVE-2025-47950 (QUIC DoS) but affects additional server types that do not enforce connection limits, stream limits, or message size constraints.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Vendor Fix
fix
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Threats
Impact
Important
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that uses a chain of plugins. This logical vulnerability allows an attacker to bypass DNS access controls. The issue occurs because security plugins, such as 'acl', are evaluated before the 'rewrite' plugin, creating a Time-of-Check Time-of-Use (TOCTOU) flaw. This flaw enables an attacker to circumvent intended access restrictions.
7.7 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that chains plugins. A remote attacker can exploit this flaw by sending specially crafted DNS queries. This vulnerability exists in CoreDNS's loop detection plugin due to the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name. Successful exploitation can lead to a denial of service (DoS) by crashing the DNS server.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that chains plugins. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly sending oversized DNS-over-HTTPS (DoH) GET requests. The GET path, unlike the POST path, lacks size validation before processing large `dns=` query parameter values. This can lead to high CPU usage, significant memory allocations, and increased garbage collection, resulting in a Denial of Service (DoS).
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS. An unauthenticated network attacker can exploit incorrect handling of TSIG (Transaction Signature) authentication in the gRPC, QUIC, DoH (DNS over HTTPS), and DoH3 transport implementations. This vulnerability allows an attacker to bypass TSIG protection, leading to unauthorized access to functionalities such as zone transfers and dynamic DNS updates. For DoH and DoH3, the issue is more severe as any request with a TSIG record is treated as authenticated, even with an invalid key.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Threats
Impact
Important
References
118 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:25127 | self |
| https://access.redhat.com/security/cve/CVE-2024-25621 | external |
| https://access.redhat.com/security/cve/CVE-2025-61726 | external |
| https://access.redhat.com/security/cve/CVE-2025-61728 | external |
| https://access.redhat.com/security/cve/CVE-2025-61729 | external |
| https://access.redhat.com/security/cve/CVE-2025-68121 | external |
| https://access.redhat.com/security/cve/CVE-2025-68151 | external |
| https://access.redhat.com/security/cve/CVE-2026-21441 | external |
| https://access.redhat.com/security/cve/CVE-2026-25679 | external |
| https://access.redhat.com/security/cve/CVE-2026-26017 | external |
| https://access.redhat.com/security/cve/CVE-2026-26018 | external |
| https://access.redhat.com/security/cve/CVE-2026-32280 | external |
| https://access.redhat.com/security/cve/CVE-2026-32936 | external |
| https://access.redhat.com/security/cve/CVE-2026-33186 | external |
| https://access.redhat.com/security/cve/CVE-2026-34986 | external |
| https://access.redhat.com/security/cve/CVE-2026-35579 | external |
| https://access.redhat.com/security/updates/classi… | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-25621 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2413190 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-25621 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-25621 | external |
| https://github.com/containerd/containerd/blob/mai… | external |
| https://github.com/containerd/containerd/commit/7… | external |
| https://github.com/containerd/containerd/security… | external |
| https://access.redhat.com/security/cve/CVE-2025-61726 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2434432 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61726 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61726 | external |
| https://go.dev/cl/736712 | external |
| https://go.dev/issue/77101 | external |
| https://groups.google.com/g/golang-announce/c/Vd2… | external |
| https://pkg.go.dev/vuln/GO-2026-4341 | external |
| https://access.redhat.com/security/cve/CVE-2025-61728 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2434431 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61728 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61728 | external |
| https://go.dev/cl/736713 | external |
| https://go.dev/issue/77102 | external |
| https://pkg.go.dev/vuln/GO-2026-4342 | external |
| https://access.redhat.com/security/cve/CVE-2025-61729 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2418462 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61729 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61729 | external |
| https://go.dev/cl/725920 | external |
| https://go.dev/issue/76445 | external |
| https://groups.google.com/g/golang-announce/c/8FJ… | external |
| https://pkg.go.dev/vuln/GO-2025-4155 | external |
| https://access.redhat.com/security/cve/CVE-2025-68121 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2437111 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-68121 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-68121 | external |
| https://go.dev/cl/737700 | external |
| https://go.dev/issue/77217 | external |
| https://groups.google.com/g/golang-announce/c/K09… | external |
| https://pkg.go.dev/vuln/GO-2026-4337 | external |
| https://access.redhat.com/security/cve/CVE-2025-68151 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2428009 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-68151 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-68151 | external |
| https://github.com/coredns/coredns/commit/0d8cbb1… | external |
| https://github.com/coredns/coredns/pull/7490 | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-21441 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2427726 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-21441 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-21441 | external |
| https://github.com/urllib3/urllib3/commit/8864ac4… | external |
| https://github.com/urllib3/urllib3/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-25679 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445356 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-25679 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-25679 | external |
| https://go.dev/cl/752180 | external |
| https://go.dev/issue/77578 | external |
| https://groups.google.com/g/golang-announce/c/Edh… | external |
| https://pkg.go.dev/vuln/GO-2026-4601 | external |
| https://access.redhat.com/security/cve/CVE-2026-26017 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445244 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-26017 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-26017 | external |
| https://github.com/coredns/coredns/releases/tag/v1.14.2 | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-26018 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445242 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-26018 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-26018 | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-32280 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456339 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-32280 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-32280 | external |
| https://go.dev/cl/758320 | external |
| https://go.dev/issue/78282 | external |
| https://groups.google.com/g/golang-announce/c/0uY… | external |
| https://pkg.go.dev/vuln/GO-2026-4947 | external |
| https://access.redhat.com/security/cve/CVE-2026-32936 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2466869 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-32936 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-32936 | external |
| https://github.com/coredns/coredns/releases/tag/v1.14.3 | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-33186 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2449833 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33186 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33186 | external |
| https://github.com/grpc/grpc-go/security/advisori… | external |
| https://access.redhat.com/security/cve/CVE-2026-34986 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455470 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-34986 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-34986 | external |
| https://github.com/go-jose/go-jose/security/advis… | external |
| https://pkg.go.dev/github.com/go-jose/go-jose/v4#… | external |
| https://access.redhat.com/security/cve/CVE-2026-35579 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2466905 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-35579 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-35579 | external |
| https://github.com/coredns/coredns/security/advis… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Submariner v0.21 General Availability release images, which provide enhancements, security fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.\nRed Hat Advanced Cluster Management for Kubernetes v2.14",
"title": "Topic"
},
{
"category": "general",
"text": "Submariner is a Kubernetes operator that enables cross-cluster connectivity for services and pods, implementing KEP-1645 (Multi-Cluster Services API). After deploying the Submariner operator, it can enable direct networking between pods and services across different Kubernetes clusters.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:25127",
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68151",
"url": "https://access.redhat.com/security/cve/CVE-2025-68151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26017",
"url": "https://access.redhat.com/security/cve/CVE-2026-26017"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26018",
"url": "https://access.redhat.com/security/cve/CVE-2026-26018"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32936",
"url": "https://access.redhat.com/security/cve/CVE-2026-32936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35579",
"url": "https://access.redhat.com/security/cve/CVE-2026-35579"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25127.json"
}
],
"title": "Red Hat Security Advisory: Submariner v0.21 security fixes and container updates",
"tracking": {
"current_release_date": "2026-06-16T23:10:09+00:00",
"generator": {
"date": "2026-06-16T23:10:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:25127",
"initial_release_date": "2026-06-10T20:51:55+00:00",
"revision_history": [
{
"date": "2026-06-10T20:51:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-10T20:51:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T23:10:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Management for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3Abbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3Aeee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3Acac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256%3A5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=1780248353"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Aa7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3A0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3A84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3A5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Aed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3Ac52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3Aeac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3Ae688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3Af928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3A5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3A2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3A6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3Ae802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3Aa154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Abe69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2025-68151",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-08T16:01:04.891768+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428009"
}
],
"notes": [
{
"category": "description",
"text": "Multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent connections, streams, or sending oversized request bodies. The issue is similar in nature to CVE-2025-47950 (QUIC DoS) but affects additional server types that do not enforce connection limits, stream limits, or message size constraints.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68151"
},
{
"category": "external",
"summary": "RHBZ#2428009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68151"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/commit/0d8cbb1a6bcb6bc9c1a489865278b8725fa20812",
"url": "https://github.com/coredns/coredns/commit/0d8cbb1a6bcb6bc9c1a489865278b8725fa20812"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/pull/7490",
"url": "https://github.com/coredns/coredns/pull/7490"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-527x-5wrf-22m2",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-527x-5wrf-22m2"
}
],
"release_date": "2026-01-08T15:33:12.711000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-26017",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-03-06T16:01:45.971241+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that uses a chain of plugins. This logical vulnerability allows an attacker to bypass DNS access controls. The issue occurs because security plugins, such as \u0027acl\u0027, are evaluated before the \u0027rewrite\u0027 plugin, creating a Time-of-Check Time-of-Use (TOCTOU) flaw. This flaw enables an attacker to circumvent intended access restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26017"
},
{
"category": "external",
"summary": "RHBZ#2445244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26017"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.2",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr"
}
],
"release_date": "2026-03-06T15:36:15.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw"
},
{
"cve": "CVE-2026-26018",
"cwe": {
"id": "CWE-1241",
"name": "Use of Predictable Algorithm in Random Number Generator"
},
"discovery_date": "2026-03-06T16:01:38.150099+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445242"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that chains plugins. A remote attacker can exploit this flaw by sending specially crafted DNS queries. This vulnerability exists in CoreDNS\u0027s loop detection plugin due to the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name. Successful exploitation can lead to a denial of service (DoS) by crashing the DNS server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26018"
},
{
"category": "external",
"summary": "RHBZ#2445242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26018"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.2",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278"
}
],
"release_date": "2026-03-06T15:35:50.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32936",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-05T20:01:52.218439+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466869"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that chains plugins. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly sending oversized DNS-over-HTTPS (DoH) GET requests. The GET path, unlike the POST path, lacks size validation before processing large `dns=` query parameter values. This can lead to high CPU usage, significant memory allocations, and increased garbage collection, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: Denial of Service via oversized DNS-over-HTTPS GET requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32936"
},
{
"category": "external",
"summary": "RHBZ#2466869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32936",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32936"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.3",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.3"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-63cw-r7xf-jmwr",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-63cw-r7xf-jmwr"
}
],
"release_date": "2026-05-05T19:07:51.926000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/coredns/coredns: CoreDNS: Denial of Service via oversized DNS-over-HTTPS GET requests"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-35579",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-05T21:01:06.423844+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466905"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS. An unauthenticated network attacker can exploit incorrect handling of TSIG (Transaction Signature) authentication in the gRPC, QUIC, DoH (DNS over HTTPS), and DoH3 transport implementations. This vulnerability allows an attacker to bypass TSIG protection, leading to unauthorized access to functionalities such as zone transfers and dynamic DNS updates. For DoH and DoH3, the issue is more severe as any request with a TSIG record is treated as authenticated, even with an invalid key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: Authentication bypass allows unauthorized access to TSIG-protected functionalities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35579"
},
{
"category": "external",
"summary": "RHBZ#2466905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466905"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35579"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-vp29-5652-4fw9",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-vp29-5652-4fw9"
}
],
"release_date": "2026-05-05T20:29:16.903000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: Authentication bypass allows unauthorized access to TSIG-protected functionalities"
}
]
}
RHSA-2026:8151
Vulnerability from csaf_redhat - Published: 2026-04-14 15:55 - Updated: 2026-06-16 22:56Summary
Red Hat Security Advisory: Submariner v0.22 security fixes and container updates
Severity
Important
Notes
Topic: Submariner v0.22 General Availability release images, which provide enhancements, security fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Red Hat Advanced Cluster Management for Kubernetes v2.15
Details: Submariner is a Kubernetes operator that enables cross-cluster connectivity for services and pods, implementing KEP-1645 (Multi-Cluster Services API). After deploying the Submariner operator, it can enable direct networking between pods and services across different Kubernetes clusters.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Threats
Impact
Moderate
Multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent connections, streams, or sending oversized request bodies. The issue is similar in nature to CVE-2025-47950 (QUIC DoS) but affects additional server types that do not enforce connection limits, stream limits, or message size constraints.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Workaround
|
Threats
Impact
Moderate
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Vendor Fix
fix
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Threats
Impact
Important
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that uses a chain of plugins. This logical vulnerability allows an attacker to bypass DNS access controls. The issue occurs because security plugins, such as 'acl', are evaluated before the 'rewrite' plugin, creating a Time-of-Check Time-of-Use (TOCTOU) flaw. This flaw enables an attacker to circumvent intended access restrictions.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that chains plugins. A remote attacker can exploit this flaw by sending specially crafted DNS queries. This vulnerability exists in CoreDNS's loop detection plugin due to the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name. Successful exploitation can lead to a denial of service (DoS) by crashing the DNS server.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Workaround
|
Threats
Impact
Important
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 | — |
Workaround
|
Threats
Impact
Important
References
89 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:8151 | self |
| https://access.redhat.com/security/cve/CVE-2025-61726 | external |
| https://access.redhat.com/security/cve/CVE-2025-61728 | external |
| https://access.redhat.com/security/cve/CVE-2025-61729 | external |
| https://access.redhat.com/security/cve/CVE-2025-68121 | external |
| https://access.redhat.com/security/cve/CVE-2025-68151 | external |
| https://access.redhat.com/security/cve/CVE-2026-21441 | external |
| https://access.redhat.com/security/cve/CVE-2026-25679 | external |
| https://access.redhat.com/security/cve/CVE-2026-26017 | external |
| https://access.redhat.com/security/cve/CVE-2026-26018 | external |
| https://access.redhat.com/security/cve/CVE-2026-27137 | external |
| https://access.redhat.com/security/cve/CVE-2026-33186 | external |
| https://access.redhat.com/security/updates/classi… | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2025-61726 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2434432 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61726 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61726 | external |
| https://go.dev/cl/736712 | external |
| https://go.dev/issue/77101 | external |
| https://groups.google.com/g/golang-announce/c/Vd2… | external |
| https://pkg.go.dev/vuln/GO-2026-4341 | external |
| https://access.redhat.com/security/cve/CVE-2025-61728 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2434431 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61728 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61728 | external |
| https://go.dev/cl/736713 | external |
| https://go.dev/issue/77102 | external |
| https://pkg.go.dev/vuln/GO-2026-4342 | external |
| https://access.redhat.com/security/cve/CVE-2025-61729 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2418462 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61729 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61729 | external |
| https://go.dev/cl/725920 | external |
| https://go.dev/issue/76445 | external |
| https://groups.google.com/g/golang-announce/c/8FJ… | external |
| https://pkg.go.dev/vuln/GO-2025-4155 | external |
| https://access.redhat.com/security/cve/CVE-2025-68121 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2437111 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-68121 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-68121 | external |
| https://go.dev/cl/737700 | external |
| https://go.dev/issue/77217 | external |
| https://groups.google.com/g/golang-announce/c/K09… | external |
| https://pkg.go.dev/vuln/GO-2026-4337 | external |
| https://access.redhat.com/security/cve/CVE-2025-68151 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2428009 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-68151 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-68151 | external |
| https://github.com/coredns/coredns/commit/0d8cbb1… | external |
| https://github.com/coredns/coredns/pull/7490 | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-21441 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2427726 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-21441 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-21441 | external |
| https://github.com/urllib3/urllib3/commit/8864ac4… | external |
| https://github.com/urllib3/urllib3/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-25679 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445356 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-25679 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-25679 | external |
| https://go.dev/cl/752180 | external |
| https://go.dev/issue/77578 | external |
| https://groups.google.com/g/golang-announce/c/Edh… | external |
| https://pkg.go.dev/vuln/GO-2026-4601 | external |
| https://access.redhat.com/security/cve/CVE-2026-26017 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445244 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-26017 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-26017 | external |
| https://github.com/coredns/coredns/releases/tag/v1.14.2 | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-26018 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445242 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-26018 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-26018 | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://access.redhat.com/security/cve/CVE-2026-27137 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445345 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-27137 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-27137 | external |
| https://go.dev/cl/752182 | external |
| https://go.dev/issue/77952 | external |
| https://pkg.go.dev/vuln/GO-2026-4599 | external |
| https://access.redhat.com/security/cve/CVE-2026-33186 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2449833 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33186 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33186 | external |
| https://github.com/grpc/grpc-go/security/advisori… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Submariner v0.22 General Availability release images, which provide enhancements, security fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.\nRed Hat Advanced Cluster Management for Kubernetes v2.15",
"title": "Topic"
},
{
"category": "general",
"text": "Submariner is a Kubernetes operator that enables cross-cluster connectivity for services and pods, implementing KEP-1645 (Multi-Cluster Services API). After deploying the Submariner operator, it can enable direct networking between pods and services across different Kubernetes clusters.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:8151",
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68151",
"url": "https://access.redhat.com/security/cve/CVE-2025-68151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26017",
"url": "https://access.redhat.com/security/cve/CVE-2026-26017"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26018",
"url": "https://access.redhat.com/security/cve/CVE-2026-26018"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8151.json"
}
],
"title": "Red Hat Security Advisory: Submariner v0.22 security fixes and container updates",
"tracking": {
"current_release_date": "2026-06-16T22:56:07+00:00",
"generator": {
"date": "2026-06-16T22:56:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:8151",
"initial_release_date": "2026-04-14T15:55:27+00:00",
"revision_history": [
{
"date": "2026-04-14T15:55:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-14T15:55:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T22:56:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.15::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Management for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3Ab54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774084104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3Adb1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774086225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774372741"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3A613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774085848"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256%3A39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774565831"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550350"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3A5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774332596"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3Aff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550357"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3A3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774084104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3A251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774086225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774372741"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3Ad061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774085848"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550350"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Ae3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774332596"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550357"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3Ac9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774084104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3A7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774086225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3Aa34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774372741"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3A9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774085848"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3Ad85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550350"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3A93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774332596"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550357"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3Ad3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774084104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3A8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774086225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774372741"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3A6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774085848"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3Ac153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550350"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Aeedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774332596"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2\u0026tag=1774550357"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.15",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2025-68151",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-08T16:01:04.891768+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428009"
}
],
"notes": [
{
"category": "description",
"text": "Multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent connections, streams, or sending oversized request bodies. The issue is similar in nature to CVE-2025-47950 (QUIC DoS) but affects additional server types that do not enforce connection limits, stream limits, or message size constraints.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68151"
},
{
"category": "external",
"summary": "RHBZ#2428009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68151"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/commit/0d8cbb1a6bcb6bc9c1a489865278b8725fa20812",
"url": "https://github.com/coredns/coredns/commit/0d8cbb1a6bcb6bc9c1a489865278b8725fa20812"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/pull/7490",
"url": "https://github.com/coredns/coredns/pull/7490"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-527x-5wrf-22m2",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-527x-5wrf-22m2"
}
],
"release_date": "2026-01-08T15:33:12.711000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-26017",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-03-06T16:01:45.971241+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that uses a chain of plugins. This logical vulnerability allows an attacker to bypass DNS access controls. The issue occurs because security plugins, such as \u0027acl\u0027, are evaluated before the \u0027rewrite\u0027 plugin, creating a Time-of-Check Time-of-Use (TOCTOU) flaw. This flaw enables an attacker to circumvent intended access restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26017"
},
{
"category": "external",
"summary": "RHBZ#2445244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26017"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.2",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr"
}
],
"release_date": "2026-03-06T15:36:15.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw"
},
{
"cve": "CVE-2026-26018",
"cwe": {
"id": "CWE-1241",
"name": "Use of Predictable Algorithm in Random Number Generator"
},
"discovery_date": "2026-03-06T16:01:38.150099+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445242"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that chains plugins. A remote attacker can exploit this flaw by sending specially crafted DNS queries. This vulnerability exists in CoreDNS\u0027s loop detection plugin due to the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name. Successful exploitation can lead to a denial of service (DoS) by crashing the DNS server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26018"
},
{
"category": "external",
"summary": "RHBZ#2445242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26018"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.2",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278"
}
],
"release_date": "2026-03-06T15:35:50.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-14T15:55:27+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-28330\n* ACM-28332\n* ACM-28334\n* ACM-28336\n* ACM-28338\n* ACM-28340\n* ACM-28343\n* ACM-29328\n* ACM-29512\n* ACM-29661\n* ACM-29662\n* ACM-29681\n* ACM-29682\n* ACM-29683\n* ACM-29684\n* ACM-29777\n* ACM-29801\n* ACM-30135\n* ACM-30730\n* ACM-30731\n* ACM-31135\n* ACM-31137\n* ACM-31861\n* ACM-31872\n* ACM-31874\n* ACM-23783\n* ACM-24731\n* ACM-24797\n* ACM-25518\n* ACM-26321\n* ACM-26965\n* ACM-27273\n* ACM-28917\n* ACM-30321\n* ACM-30640\n* ACM-30970\n* ACM-8640\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:3a7d7ad6a28416cd4479b5cf1508067e10ce342f01c7bb4aa3676abbd9f43a4a_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:b54f4ec7c1e1f45077ad840b6ddbe3388b640f3acc8b29f68ff59547805ee64d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:c9770153fe0b62c88b947de715ba5867af88c51ad65ec63d319be5a77dcc5c32_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:d3d6fc310945928456e59f5fc04d149af2729d13c27f7c980876d8709e2ce864_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:251df7bb1820fed1c75e7b5dd14ed2d12a9bf2f3b74c87f6a0027ebf0641d4e5_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:7ee76ee6dd4a832fccaca245b0f71def3736d90e37476281c273d081234747a2_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:8b17116d4d52c8ab22a72d9c3ff5e2b0820cc0be99ccc405c4d69a3f7ef933bf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:db1083469ea0c8bf20c10252f4e5f500dd38daca85a996e834f866f9618c3e95_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:00b683c6d8a62a7057f64700526ef5f9eb10dec3809ee1c6d6abda6f76dd79fd_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:3780b6e2fa5c3c0328a161d6328ed828879c5bdb38cc2ab451366b60ffa5b043_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:6c394c6c6de11664040b84bbdbe2ae8222bece13e36460774ab3c41fc92f932e_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/nettest-rhel9@sha256:a34e02a2aa68bdad0e1d2aba40bfc782b1b5b9d2b0bc7c9fd391af7417a454a0_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:613ec029444a86d5510c67551d9b346379413f79064b4a406f8e4ad10b71f5a0_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:6ceaac04b5db279336bdefa462ae02a84e631151315cb6fc657709b72671babf_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:9f29e3a800b04a0d188957d8f9ca35c85c39107c29fdf97b5b9ba15bbec4cc29_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/subctl-rhel9@sha256:d061e9013521b8b7fe281176926e8b4684fddded2bf166906d8fa5d15ac9da32_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1294c67c44cd5ecde081e35432874b6cabdcd17252f9dfc773eb5158213550e7_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:1823cb53424d92094ff3b1a151501771c5886b25bba4bab79197ad6fd32304ef_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:c153b1c35cf9aa01c416e7d3dd90b89363715544544c09802039a7629f721c42_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:d85a0d45300376bd1ba2b272d13c65fa957bf0f78a9ae50dff27eb0d5ce95735_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:5f8f4618887f2176dc24bbf6419112f85a68e58d49ff47cb1bbd198f2e148d9d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:93a516a33793b18899586982bbf5b3d741cd8fc6d3285972cc014f823ca75a0d_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:e3090d6f0a2ca71edf606ca49cafa063ac9ff3122f0d377ed9f25a37151d6fb0_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:eedb220436102065b61787715d917459d01e4494a15dffb90474882e8f3086b9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:39088cefc6419019cd9d83bf2f717634fcd01d9befd37b8342553956fae5dd5f_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:0d5f60990dd0863cb501bff5f7b94b979bea3f4ef05e07eb825228dfb3de3248_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:3a481555d5376183a2ee392c409739417d5778e2c0559472f9070ccfe2918e2c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:4185f61ee8a0deb08e41e1c51753cdb6c6068c421c8e3dda7f1a86f67ab4fed3_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:5b5f6ffba68d27f81bb5c26e4fb83d80a4b72523110e622d764f9337d1cb4826_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:09eb5fdd7c085c63b62fb3eb222e6d03ef88d43e56a12440626a10d908086ff7_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5ae8ef0d436d6e1d61d2b444a41639d5c98dfe468308d42710aa9a62e5f8fc2b_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:9068b8224f902247d20403d43f7bf66f4d6d202de2ac3f80a46d8211e42e5564_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.15:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:ff86bbf817bfc8450074d2ee2e8e55f6e500e7f23d12e3e1ef949cb49acb5e32_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
}
]
}
WID-SEC-W-2026-0627
Vulnerability from csaf_certbund - Published: 2026-03-05 23:00 - Updated: 2026-06-10 22:00Summary
CoreDNS: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: CoreDNS ist ein DNS server.
Angriff: Ein Angreifer kann mehrere Schwachstellen in CoreDNS ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source CoreDNS <1.14.2
Open Source / CoreDNS
|
<1.14.2 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Open Source CoreDNS <1.14.2
Open Source / CoreDNS
|
<1.14.2 | ||
|
Microsoft Azure Linux azl3
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3
|
azl3 |
References
10 references
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://github.com/coredns/coredns/security/advis… | external |
| https://github.com/coredns/coredns/security/advis… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://msrc.microsoft.com/update-guide/ | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://lists.opensuse.org/archives/list/security… | external |
| https://access.redhat.com/errata/RHSA-2026:25127 | external |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "CoreDNS ist ein DNS server.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in CoreDNS ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0627 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0627.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0627 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0627"
},
{
"category": "external",
"summary": "CoreDNS GitHub vom 2026-03-05",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr"
},
{
"category": "external",
"summary": "CoreDNS GitHub vom 2026-03-05",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10297-1 vom 2026-03-08",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XTKYCU7PQZZIHLVJXWGEMRKJRO3UY3UT/"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates vom 2026-03-10",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:0079-1 vom 2026-03-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AHRCSJENZA3STN62UKMLBRZ4QP3KV22D/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:0080-1 vom 2026-03-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DPID4P33S2DUNWVEUQAOMM2IL347ZUIU/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20619-1 vom 2026-04-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XUWFAM7PG7C5B2EEMQCBNZCSTIRS4EOJ/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25127 vom 2026-06-11",
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"source_lang": "en-US",
"title": "CoreDNS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-10T22:00:00.000+00:00",
"generator": {
"date": "2026-06-11T10:51:56.779+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-0627",
"initial_release_date": "2026-03-05T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-08T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE und European Union Vulnerability Database aufgenommen"
},
{
"date": "2026-03-10T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-04-26T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-06-10T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "azl3",
"product": {
"name": "Microsoft Azure Linux azl3",
"product_id": "T049210",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3"
}
}
}
],
"category": "product_name",
"name": "Azure Linux"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.14.2",
"product": {
"name": "Open Source CoreDNS \u003c1.14.2",
"product_id": "T051469"
}
},
{
"category": "product_version",
"name": "1.14.2",
"product": {
"name": "Open Source CoreDNS 1.14.2",
"product_id": "T051469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:coredns:coredns:1.14.2"
}
}
}
],
"category": "product_name",
"name": "CoreDNS"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-26017",
"product_status": {
"known_affected": [
"67646",
"T027843",
"T051469",
"T049210"
]
},
"release_date": "2026-03-05T23:00:00.000+00:00",
"title": "CVE-2026-26017"
},
{
"cve": "CVE-2026-26018",
"product_status": {
"known_affected": [
"67646",
"T027843",
"T051469",
"T049210"
]
},
"release_date": "2026-03-05T23:00:00.000+00:00",
"title": "CVE-2026-26018"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…