Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-32280 (GCVE-0-2026-32280)
Vulnerability from cvelistv5 – Published: 2026-04-08 01:06 – Updated: 2026-07-10 12:05- CWE-770 - Allocation of Resources Without Limits or Throttling
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | crypto/x509 |
Affected:
0 , < 1.25.9
(semver)
Affected: 1.26.0-0 , < 1.26.2 (semver) |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 10 |
cpe:/a:redhat:ansible_automation_platform:2.6::el10 cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10 |
|
| Red Hat | Red Hat Enterprise Linux Server (v. 7 ELS) |
cpe:/o:redhat:rhel_els:7 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
cpe:/a:redhat:openshift:4.17::el8 cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
cpe:/a:redhat:openshift:4.18::el8 cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat Satellite 6.16 for RHEL 8 |
cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 9 |
cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 9 |
cpe:/a:redhat:ansible_automation_platform:2.6::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9 |
|
| Red Hat | Cryostat 4 on RHEL 9 |
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | RHEM 1.0 for RHEL 9 |
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 cpe:/a:redhat:openstack:17.1::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
cpe:/a:redhat:openshift:4.19::el8 cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat Satellite 6.16 for RHEL 9 |
cpe:/a:redhat:satellite:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el9 |
|
| Red Hat | Red Hat Satellite 6.19 for RHEL 9 |
cpe:/a:redhat:satellite:6.19::el9 cpe:/a:redhat:satellite_capsule:6.19::el9 cpe:/a:redhat:satellite_maintenance:6.19::el9 cpe:/a:redhat:satellite_utils:6.19::el9 |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 10) |
cpe:/o:redhat:enterprise_linux:10.1 cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 8) |
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream AUS (v.8.6) |
cpe:/a:redhat:rhel_aus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.8.6) |
cpe:/a:redhat:rhel_e4s:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream TUS (v.8.6) |
cpe:/a:redhat:rhel_tus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.4) |
cpe:/a:redhat:rhel_e4s:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 9) |
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat CodeReady Linux Builder EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::crb |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 9) |
cpe:/a:redhat:enterprise_linux:9::crb |
|
| Red Hat | Custom Metric Autoscaler 2.19 |
cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9 |
|
| Red Hat | HawtIO HawtIO 4.4.0 |
cpe:/a:redhat:apache_camel_hawtio:4.4::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.0 |
cpe:/a:redhat:logging:6.0::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.4 |
cpe:/a:redhat:logging:6.4::el9 |
|
| Red Hat | Multicluster Global Hub 1.4.5 |
cpe:/a:redhat:multicluster_globalhub:1.4::el9 |
|
| Red Hat | Multicluster Global Hub 1.5.4 |
cpe:/a:redhat:multicluster_globalhub:1.5::el9 |
|
| Red Hat | Multicluster Global Hub 1.6.2 |
cpe:/a:redhat:multicluster_globalhub:1.6::el9 |
|
| Red Hat | Network Observability (NETOBSERV) 1.11.2 |
cpe:/a:redhat:network_observ_optr:1.11::el9 |
|
| Red Hat | OpenShift API for Data Protection 1.4 |
cpe:/a:redhat:openshift_api_data_protection:1.4::el9 |
|
| Red Hat | OpenShift API for Data Protection 1.5 |
cpe:/a:redhat:openshift_api_data_protection:1.5::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.10 |
cpe:/a:redhat:advanced_cluster_security:4.10::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 |
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | Red Hat Developer Hub 1.8 |
cpe:/a:redhat:rhdh:1.8::el9 |
|
| Red Hat | Red Hat Developer Hub 1.9 |
cpe:/a:redhat:rhdh:1.9::el9 |
|
| Red Hat | Red Hat Edge Manager 1.0 |
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Red Hat Lightspeed (formerly Insights) for Runtimes 1 |
cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift Builds 1.7.4 |
cpe:/a:redhat:openshift_builds:1.7::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.28 |
cpe:/a:redhat:openshift_devspaces:3.28::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 2.6 |
cpe:/a:redhat:service_mesh:2.6::el8 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.9.3 |
cpe:/a:redhat:openshift_distributed_tracing:3.9::el9 |
|
| Red Hat | Red Hat OpenStack 1.5 |
cpe:/a:redhat:stf:1.5::el9 |
|
| Red Hat | Red Hat Quay 3.10 |
cpe:/a:redhat:quay:3.10::el8 |
|
| Red Hat | Red Hat Quay 3.14 |
cpe:/a:redhat:quay:3.14::el8 |
|
| Red Hat | Red Hat Quay 3.15 |
cpe:/a:redhat:quay:3.15::el8 |
|
| Red Hat | Red Hat Quay 3.16 |
cpe:/a:redhat:quay:3.16::el9 |
|
| Red Hat | Red Hat Quay 3.17 |
cpe:/a:redhat:quay:3.17::el9 |
|
| Red Hat | Red Hat Quay 3.9 |
cpe:/a:redhat:quay:3.9::el8 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.3 |
cpe:/a:redhat:trusted_artifact_signer:1.3::el9 |
|
| Red Hat | Red Hat Web Terminal 1.11 |
cpe:/a:redhat:webterminal:1.11::el9 |
|
| Red Hat | Red Hat Web Terminal 1.12 |
cpe:/a:redhat:webterminal:1.12::el9 |
|
| Red Hat | Red Hat Web Terminal 1.13 |
cpe:/a:redhat:webterminal:1.13::el9 |
|
| Red Hat | Red Hat Web Terminal 1.14 |
cpe:/a:redhat:webterminal:1.14::el9 |
|
| Red Hat | Red Hat Web Terminal 1.15 |
cpe:/a:redhat:webterminal:1.15::el9 |
|
| Red Hat | mirror registry for Red Hat OpenShift 2.0 |
cpe:/a:redhat:mirror_registry:2.0::el8 |
|
| Red Hat | multicluster engine for Kubernetes 2.10 |
cpe:/a:redhat:multicluster_engine:2.10::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.11 |
cpe:/a:redhat:multicluster_engine:2.11::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.17 |
cpe:/a:redhat:multicluster_engine:2.17::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
cpe:/a:redhat:multicluster_engine:2.6::el8 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
cpe:/a:redhat:multicluster_engine:2.8::el8 |
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Confidential Compute Attestation |
cpe:/a:redhat:confidential_compute_attestation:1 |
|
| Red Hat | Deployment Validation Operator |
cpe:/a:redhat:deployment_validator_operator |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | ExternalDNS Operator |
cpe:/a:redhat:ext_dns_optr:1 |
|
| Red Hat | Fence Agents Remediation Operator |
cpe:/a:redhat:workload_availability_far:0 |
|
| Red Hat | File Integrity Operator |
cpe:/a:redhat:openshift_file_integrity_operator:1 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 |
|
| Red Hat | Logical Volume Manager Storage |
cpe:/a:redhat:lvms:4 |
|
| Red Hat | Machine Deletion Remediation Operator |
cpe:/a:redhat:workload_availability_mdr:0 |
|
| Red Hat | Migration Toolkit for Containers |
cpe:/a:redhat:rhmt:1 |
|
| Red Hat | mirror registry for Red Hat OpenShift |
cpe:/a:redhat:mirror_registry:1 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | OpenShift Developer Tools and Services |
cpe:/a:redhat:ocp_tools |
|
| Red Hat | OpenShift Lightspeed |
cpe:/a:redhat:openshift_lightspeed |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | Red Hat 3scale API Management Platform 2 |
cpe:/a:redhat:red_hat_3scale_amp:2 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat AI Inference Server |
cpe:/a:redhat:ai_inference_server:3 |
|
| Red Hat | Red Hat Certification Program for Red Hat Enterprise Linux 9 |
cpe:/a:redhat:certifications:9 |
|
| Red Hat | Red Hat Connectivity Link 1 |
cpe:/a:redhat:connectivity_link:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Cluster Manager CLI |
cpe:/a:redhat:openshift_cluster_manager_cli:1 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat Openshift Data Foundation 4 |
cpe:/a:redhat:openshift_data_foundation:4 |
|
| Red Hat | Red Hat OpenShift Dev Workspaces Operator |
cpe:/a:redhat:devworkspace |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift on AWS |
cpe:/a:redhat:openshift_service_on_aws:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | Security Profiles Operator |
cpe:/a:redhat:openshift_security_profiles_operator:1 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
|
| Red Hat | Migration Toolkit for Applications 8 |
cpe:/a:redhat:migration_toolkit_applications:8 |
|
| Red Hat | Node HealthCheck Operator |
cpe:/a:redhat:workload_availability_nhc:0 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3 |
|
| Red Hat | Power monitoring for Red Hat OpenShift |
cpe:/a:redhat:openshift_power_monitoring |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat Hardened Images |
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Service Interconnect 1 |
cpe:/a:redhat:service_interconnect:1 |
|
| Red Hat | Red Hat Service Interconnect 2 |
cpe:/a:redhat:service_interconnect:2 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-32280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T17:46:14.569488Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:46:47.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el10",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.18::el8",
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.16::el8",
"cpe:/a:redhat:satellite_capsule:6.16::el8",
"cpe:/a:redhat:satellite_maintenance:6.16::el8",
"cpe:/a:redhat:satellite_utils:6.16::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.16 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"product": "RHEM 1.0 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:17.1",
"cpe:/a:redhat:openstack:17.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.19::el8",
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.16::el9",
"cpe:/a:redhat:satellite_capsule:6.16::el9",
"cpe:/a:redhat:satellite_maintenance:6.16::el9",
"cpe:/a:redhat:satellite_utils:6.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.16 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.19::el9",
"cpe:/a:redhat:satellite_capsule:6.19::el9",
"cpe:/a:redhat:satellite_maintenance:6.19::el9",
"cpe:/a:redhat:satellite_utils:6.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.19 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1",
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
],
"defaultStatus": "affected",
"product": "Custom Metric Autoscaler 2.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
],
"defaultStatus": "affected",
"product": "HawtIO HawtIO 4.4.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.0::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.4::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.4::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.4.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.5::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.5.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.6::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.6.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:network_observ_optr:1.11::el9"
],
"defaultStatus": "affected",
"product": "Network Observability (NETOBSERV) 1.11.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.5::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.8::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Edge Manager 1.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_builds:1.7::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Builds 1.7.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.28::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.28",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2.6::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift distributed tracing 3.9.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:stf:1.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.14::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.11::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.11",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.12::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:mirror_registry:2.0::el8"
],
"defaultStatus": "affected",
"product": "mirror registry for Red Hat OpenShift 2.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.10::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.11::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.11",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.17::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el8"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el8"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:deployment_validator_operator"
],
"defaultStatus": "affected",
"product": "Deployment Validation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ext_dns_optr:1"
],
"defaultStatus": "affected",
"product": "ExternalDNS Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_far:0"
],
"defaultStatus": "affected",
"product": "Fence Agents Remediation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1"
],
"defaultStatus": "affected",
"product": "File Integrity Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "affected",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "affected",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_mdr:0"
],
"defaultStatus": "affected",
"product": "Machine Deletion Remediation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:mirror_registry:1"
],
"defaultStatus": "affected",
"product": "mirror registry for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ocp_tools"
],
"defaultStatus": "affected",
"product": "OpenShift Developer Tools and Services",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:certifications:9"
],
"defaultStatus": "affected",
"product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_cluster_manager_cli:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Cluster Manager CLI",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:devworkspace"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Workspaces Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "unaffected",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "unaffected",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_power_monitoring"
],
"defaultStatus": "unaffected",
"product": "Power monitoring for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "unaffected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "unaffected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1"
],
"defaultStatus": "unaffected",
"product": "Red Hat Service Interconnect 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "unaffected",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "unaffected",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
}
],
"datePublic": "2026-04-08T01:06:58.595Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T12:05:46.414Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"name": "RHBZ#2456339",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32280.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24762"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16101"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24761"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28886"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28961"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34097"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21655"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25180"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14391"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23244"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34365"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20569"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23103"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19715"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16024"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19550"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18032"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18027"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19719"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19750"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20570"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22713"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19714"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20571"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19450"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10217"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29195"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23102"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19133"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22141"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19144"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19135"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24470"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22130"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29035"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24716"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33722"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10704"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16875"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11507"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11514"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:15980"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19634"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34192"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34196"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34197"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19721"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20607"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20608"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19722"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16021"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20556"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19839"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28038"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19720"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22709"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17287"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24337"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20609"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14200"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10219"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29455"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29703"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19350"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19353"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26447"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22309"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29702"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28074"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22862"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21769"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23345"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16874"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29854"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26571"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13829"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13791"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13545"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21338"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13826"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24977"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24359"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21772"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16476"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16505"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16532"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16508"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16535"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16537"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16542"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16477"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16534"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14162"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9385"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14020"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22840"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24853"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19375"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23361"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24478"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22960"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22958"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22962"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22959"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22961"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22422"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22268"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22415"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28198"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28196"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22258"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22260"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:24762: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:16101: Red Hat Enterprise Linux Server (v. 7 ELS)"
},
{
"lang": "en",
"value": "RHSA-2026:24761: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:28886: Red Hat OpenShift Container Platform 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:28961: Red Hat OpenShift Container Platform 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:34097: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:21655: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:25180: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:27076: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:14391: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:36796: RHEM 1.0 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:28047: Red Hat OpenStack Platform 17.1"
},
{
"lang": "en",
"value": "RHSA-2026:23244: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:20569: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:23103: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19715: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:16024: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19550: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:18032: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:18027: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19750: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:20570: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:22713: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19714: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:20571: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19450: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:10217: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:29195: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:23102: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19133: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:22141: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19144: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:24470: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:22130: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:29035: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:24716: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:33722: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:10704: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:16875: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:11507: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:11514: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:15980: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:34192: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:34196: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:34197: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:20607: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:20608: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19722: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:16021: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:20556: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19839: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:28038: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:22709: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:24337: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:20609: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:14200: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:10219: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:29703: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19350: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:26447: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:22309: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:29702: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:28074: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:26636: Custom Metric Autoscaler 2.19"
},
{
"lang": "en",
"value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
},
{
"lang": "en",
"value": "RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"lang": "en",
"value": "RHSA-2026:22862: Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"lang": "en",
"value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5"
},
{
"lang": "en",
"value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4"
},
{
"lang": "en",
"value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2"
},
{
"lang": "en",
"value": "RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2"
},
{
"lang": "en",
"value": "RHSA-2026:29854: OpenShift API for Data Protection 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:26568: OpenShift API for Data Protection 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:26571: OpenShift Compliance Operator 1"
},
{
"lang": "en",
"value": "RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"lang": "en",
"value": "RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:21338: Red Hat Developer Hub 1.8"
},
{
"lang": "en",
"value": "RHSA-2026:13826: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:36651: Red Hat Edge Manager 1.0"
},
{
"lang": "en",
"value": "RHSA-2026:22485: Red Hat Lightspeed (formerly Insights) for Runtimes 1"
},
{
"lang": "en",
"value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:24359: Red Hat OpenShift Builds 1.7.4"
},
{
"lang": "en",
"value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28"
},
{
"lang": "en",
"value": "RHSA-2026:11688: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:16476: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:16505: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:16532: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:16508: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:16535: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:16537: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:16542: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:16477: Red Hat OpenShift Service Mesh 3"
},
{
"lang": "en",
"value": "RHSA-2026:16534: Red Hat OpenShift Service Mesh 3"
},
{
"lang": "en",
"value": "RHSA-2026:14162: Red Hat OpenShift distributed tracing 3.9.3"
},
{
"lang": "en",
"value": "RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3"
},
{
"lang": "en",
"value": "RHSA-2026:14020: Red Hat OpenStack 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:22840: Red Hat Quay 3.10"
},
{
"lang": "en",
"value": "RHSA-2026:21017: Red Hat Quay 3.14"
},
{
"lang": "en",
"value": "RHSA-2026:24853: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:19375: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:22465: Red Hat Quay 3.17"
},
{
"lang": "en",
"value": "RHSA-2026:23361: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:24478: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:22960: Red Hat Web Terminal 1.11"
},
{
"lang": "en",
"value": "RHSA-2026:22958: Red Hat Web Terminal 1.12"
},
{
"lang": "en",
"value": "RHSA-2026:22962: Red Hat Web Terminal 1.13"
},
{
"lang": "en",
"value": "RHSA-2026:22959: Red Hat Web Terminal 1.14"
},
{
"lang": "en",
"value": "RHSA-2026:22961: Red Hat Web Terminal 1.15"
},
{
"lang": "en",
"value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0"
},
{
"lang": "en",
"value": "RHSA-2026:22422: multicluster engine for Kubernetes 2.10"
},
{
"lang": "en",
"value": "RHSA-2026:22268: multicluster engine for Kubernetes 2.11"
},
{
"lang": "en",
"value": "RHSA-2026:22415: multicluster engine for Kubernetes 2.17"
},
{
"lang": "en",
"value": "RHSA-2026:28198: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:28196: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:22258: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:22260: multicluster engine for Kubernetes 2.8"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-08T02:01:19.572Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-08T01:06:58.595Z",
"value": "Made public."
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "Certificate.buildChains"
},
{
"name": "Certificate.Verify"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.2",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jakub Ciolek - https://ciolek.dev"
}
],
"descriptions": [
{
"lang": "en",
"value": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T01:06:58.595Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/758320"
},
{
"url": "https://go.dev/issue/78282"
},
{
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"title": "Unexpected work during chain building in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-32280",
"datePublished": "2026-04-08T01:06:58.595Z",
"dateReserved": "2026-03-11T16:38:46.555Z",
"dateUpdated": "2026-07-10T12:05:46.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-32280",
"date": "2026-07-13",
"epss": "0.00615",
"percentile": "0.45316"
},
"microsoft_vex": {
"current_release_date": "2026-06-09T01:40:50.000Z",
"cve": "CVE-2026-32280",
"id": "msrc_CVE-2026-32280",
"initial_release_date": "2026-04-02T00:00:00.000Z",
"product_status:known_affected": "7",
"product_status:known_not_affected": "8",
"source": "Microsoft CSAF VEX",
"status": "final",
"title": "Unexpected work during chain building in crypto/x509",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-32280.json",
"version": "5"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-32280\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-04-08T02:16:03.247\",\"lastModified\":\"2026-07-10T12:16:38.577\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"crypto/x509\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"crypto/x509\",\"programRoutines\":[{\"name\":\"Certificate.buildChains\"},{\"name\":\"Certificate.Verify\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.25.9\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.26.0-0\",\"lessThan\":\"1.26.2\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6 for RHEL 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el10\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Server (v. 7 ELS)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_els:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.14::el8\",\"cpe:/a:redhat:openshift:4.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.15::el8\",\"cpe:/a:redhat:openshift:4.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.17::el8\",\"cpe:/a:redhat:openshift:4.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.18::el8\",\"cpe:/a:redhat:openshift:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.16 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.16::el8\",\"cpe:/a:redhat:satellite_capsule:6.16::el8\",\"cpe:/a:redhat:satellite_maintenance:6.16::el8\",\"cpe:/a:redhat:satellite_utils:6.16::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"RHEM 1.0 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 17.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:17.1\",\"cpe:/a:redhat:openstack:17.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.19::el8\",\"cpe:/a:redhat:openshift:4.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.16 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.16::el9\",\"cpe:/a:redhat:satellite_capsule:6.16::el9\",\"cpe:/a:redhat:satellite_maintenance:6.16::el9\",\"cpe:/a:redhat:satellite_utils:6.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.19 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.19::el9\",\"cpe:/a:redhat:satellite_capsule:6.19::el9\",\"cpe:/a:redhat:satellite_maintenance:6.19::el9\",\"cpe:/a:redhat:satellite_utils:6.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\",\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream AUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_aus:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream TUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_tus:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat CodeReady Linux Builder EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Custom Metric Autoscaler 2.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"HawtIO HawtIO 4.4.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.4.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.5.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Network Observability (NETOBSERV) 1.11.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:network_observ_optr:1.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Compliance Operator 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Lightspeed (formerly Insights) for Runtimes 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 2.25\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:2.25::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.7.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.7::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.28\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.28::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift distributed tracing 3.9.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:stf:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.14::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.15::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer 1.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.11\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.12::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"mirror registry for Red Hat OpenShift 2.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:mirror_registry:2.0::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.10::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.11\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Deployment Validation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:deployment_validator_operator\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"ExternalDNS Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ext_dns_optr:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Fence Agents Remediation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_far:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"File Integrity Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_file_integrity_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Gatekeeper 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:gatekeeper:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logical Volume Manager Storage\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:lvms:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Machine Deletion Remediation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_mdr:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhmt:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"mirror registry for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:mirror_registry:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Developer Tools and Services\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ocp_tools\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Lightspeed\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_lightspeed\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat 3scale API Management Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:red_hat_3scale_amp:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AI Inference Server\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ai_inference_server:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Certification Program for Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:certifications:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Connectivity Link 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:connectivity_link:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI (RHEL AI) 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Cluster Manager CLI\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Workspaces Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:devworkspace\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift on AWS\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_service_on_aws:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Security Profiles Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_security_profiles_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Applications 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_applications:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Node HealthCheck Operator\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_nhc:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 3\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Power monitoring for Red Hat OpenShift\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_power_monitoring\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 1\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"streams for Apache Kafka 3\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-04-08T17:46:14.569488Z\",\"id\":\"CVE-2026-32280\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.9\",\"matchCriteriaId\":\"C6C9C072-9817-402D-877F-F83584B07017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.2\",\"matchCriteriaId\":\"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/758320\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/78282\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4947\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10217\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10219\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10704\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11507\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11514\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11688\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13545\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13791\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13826\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13829\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14020\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14162\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14200\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14391\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:15980\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16021\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16024\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16101\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16476\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16477\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16505\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16508\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16532\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16534\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16535\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16537\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16542\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16874\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16875\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17084\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17287\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18027\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18032\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19133\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19135\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19144\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19350\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19353\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19375\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19450\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19550\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19634\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19714\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19715\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19719\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19720\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19721\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19722\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19750\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19839\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20556\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20569\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20570\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20571\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20607\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20608\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20609\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20889\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21338\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21655\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21769\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21772\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22130\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22141\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22258\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22260\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22268\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22309\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22347\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22415\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22422\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22465\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22485\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22709\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22713\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22840\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22862\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22958\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22959\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22960\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22961\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22962\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23102\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23103\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23244\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23345\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23361\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24337\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24359\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24470\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24478\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24716\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24761\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24762\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24853\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24977\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25089\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25127\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25180\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26447\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26568\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26571\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26585\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26636\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27076\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28038\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28047\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28074\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28196\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28198\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28441\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28886\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28961\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29035\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29195\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29455\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29702\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29703\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29854\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33722\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34097\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34192\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34196\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34197\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34365\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36319\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36651\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36796\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9385\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-32280\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2456339\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32280.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2026-07-13T23:04:10+00:00",
"cve": "CVE-2026-32280",
"id": "CVE-2026-32280",
"initial_release_date": "2026-04-08T01:06:58.595000+00:00",
"product_status:fixed": "2567",
"product_status:known_affected": "187",
"product_status:known_not_affected": "2664",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32280.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el10\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6 for RHEL 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Server (v. 7 ELS)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el8\", \"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el8\", \"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el8\", \"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el8\", \"cpe:/a:redhat:satellite_capsule:6.16::el8\", \"cpe:/a:redhat:satellite_maintenance:6.16::el8\", \"cpe:/a:redhat:satellite_utils:6.16::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4 on RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"RHEM 1.0 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\", \"cpe:/a:redhat:openstack:17.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.19::el8\", \"cpe:/a:redhat:openshift:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el9\", \"cpe:/a:redhat:satellite_capsule:6.16::el9\", \"cpe:/a:redhat:satellite_maintenance:6.16::el9\", \"cpe:/a:redhat:satellite_utils:6.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.19::el9\", \"cpe:/a:redhat:satellite_capsule:6.19::el9\", \"cpe:/a:redhat:satellite_maintenance:6.19::el9\", \"cpe:/a:redhat:satellite_utils:6.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.19 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\", \"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream AUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream TUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler 2.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"HawtIO HawtIO 4.4.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.4.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.5.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.6.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:network_observ_optr:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Network Observability (NETOBSERV) 1.11.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection 1.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection 1.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Compliance Operator 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub 1.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub 1.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Lightspeed (formerly Insights) for Runtimes 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:2.25::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 2.25\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.7::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.7.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.28::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces 3.28\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.9.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:stf:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack 1.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.14::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.15::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer 1.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.11\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:mirror_registry:2.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"mirror registry for Red Hat OpenShift 2.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.11\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el8\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:assisted_installer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Assisted Installer for Red Hat OpenShift Container Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1\"], \"vendor\": \"Red Hat\", \"product\": \"Confidential Compute Attestation\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:deployment_validator_operator\"], \"vendor\": \"Red Hat\", \"product\": \"Deployment Validation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:external_secrets_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"External Secrets Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ext_dns_optr:1\"], \"vendor\": \"Red Hat\", \"product\": \"ExternalDNS Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_far:0\"], \"vendor\": \"Red Hat\", \"product\": \"Fence Agents Remediation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_file_integrity_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"File Integrity Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:gatekeeper:3\"], \"vendor\": \"Red Hat\", \"product\": \"Gatekeeper 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:5\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:lvms:4\"], \"vendor\": \"Red Hat\", \"product\": \"Logical Volume Manager Storage\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_mdr:0\"], \"vendor\": \"Red Hat\", \"product\": \"Machine Deletion Remediation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhmt:1\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:mirror_registry:1\"], \"vendor\": \"Red Hat\", \"product\": \"mirror registry for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ocp_tools\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Developer Tools and Services\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_lightspeed\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Lightspeed\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_3scale_amp:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat 3scale API Management Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ai_inference_server:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AI Inference Server\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:certifications:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Certification Program for Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:connectivity_link:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Connectivity Link 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI) 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Cluster Manager CLI\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Workspaces Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_service_on_aws:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift on AWS\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 18.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_security_profiles_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"Security Profiles Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager - Tech Preview\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:migration_toolkit_applications:8\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Applications 8\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_nhc:0\"], \"vendor\": \"Red Hat\", \"product\": \"Node HealthCheck Operator\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_power_monitoring\"], \"vendor\": \"Red Hat\", \"product\": \"Power monitoring for Red Hat OpenShift\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 1\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3\"], \"vendor\": \"Red Hat\", \"product\": \"streams for Apache Kafka 3\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-04-08T02:01:19.572Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-04-08T01:06:58.595Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:24762: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16101: Red Hat Enterprise Linux Server (v. 7 ELS)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24761: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28886: Red Hat OpenShift Container Platform 4.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28961: Red Hat OpenShift Container Platform 4.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34097: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21655: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25180: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27076: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14391: Cryostat 4 on RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36796: RHEM 1.0 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28047: Red Hat OpenStack Platform 17.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23244: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20569: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23103: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19715: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16024: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19550: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:18032: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:18027: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19750: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20570: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22713: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19714: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20571: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19450: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10217: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29195: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23102: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19133: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22141: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19144: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24470: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22130: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29035: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24716: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33722: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10704: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16875: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11507: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11514: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:15980: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34192: Red Hat Enterprise Linux AppStream E4S (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34196: Red Hat Enterprise Linux AppStream E4S (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34197: Red Hat Enterprise Linux AppStream E4S (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20607: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20608: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19722: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16021: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20556: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19839: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28038: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22709: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24337: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20609: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14200: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10219: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29703: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19350: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26447: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22309: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29702: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28074: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26636: Custom Metric Autoscaler 2.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25089: HawtIO HawtIO 4.4.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22862: Logging Subsystem for Red Hat OpenShift 6.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22347: Multicluster Global Hub 1.4.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21769: Multicluster Global Hub 1.5.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23345: Multicluster Global Hub 1.6.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29854: OpenShift API for Data Protection 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26568: OpenShift API for Data Protection 1.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26571: OpenShift Compliance Operator 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21338: Red Hat Developer Hub 1.8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13826: Red Hat Developer Hub 1.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36651: Red Hat Edge Manager 1.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22485: Red Hat Lightspeed (formerly Insights) for Runtimes 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24977: Red Hat OpenShift AI 2.25\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24359: Red Hat OpenShift Builds 1.7.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11688: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16476: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16477: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16534: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16505: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16532: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16508: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16535: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16537: Red Hat OpenShift Service Mesh 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16542: Red Hat OpenShift Service Mesh 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14162: Red Hat OpenShift distributed tracing 3.9.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14020: Red Hat OpenStack 1.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22840: Red Hat Quay 3.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21017: Red Hat Quay 3.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24853: Red Hat Quay 3.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19375: Red Hat Quay 3.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22465: Red Hat Quay 3.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23361: Red Hat Quay 3.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24478: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22960: Red Hat Web Terminal 1.11\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22958: Red Hat Web Terminal 1.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22962: Red Hat Web Terminal 1.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22959: Red Hat Web Terminal 1.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22961: Red Hat Web Terminal 1.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22422: multicluster engine for Kubernetes 2.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22268: multicluster engine for Kubernetes 2.11\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22415: multicluster engine for Kubernetes 2.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28198: multicluster engine for Kubernetes 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28196: multicluster engine for Kubernetes 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22258: multicluster engine for Kubernetes 2.8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22260: multicluster engine for Kubernetes 2.8\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-04-08T01:06:58.595Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-32280\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2456339\", \"name\": \"RHBZ#2456339\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32280.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24762\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16101\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24761\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28961\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34097\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21655\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25180\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27076\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14391\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36796\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28047\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23244\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34365\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20569\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23103\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19715\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16024\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19550\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:18032\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:18027\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17084\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19719\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19750\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20570\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22713\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19714\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20571\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19450\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10217\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29195\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23102\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19133\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22141\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19144\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19135\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24470\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22130\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29035\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24716\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33722\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10704\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16875\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11507\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11514\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:15980\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19634\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34192\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34196\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34197\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19721\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20607\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20608\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19722\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16021\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20556\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19839\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28038\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19720\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22709\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17287\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20609\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14200\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10219\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29455\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29703\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19350\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19353\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26447\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22309\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29702\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28074\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26636\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25089\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26585\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22862\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22347\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21769\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23345\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16874\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29854\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26568\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26571\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25127\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13829\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20889\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13791\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36319\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13545\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13826\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36651\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22485\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24977\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24359\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21772\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11688\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16476\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16477\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16534\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16505\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16532\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16508\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16535\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16537\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16542\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14162\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9385\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14020\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22840\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21017\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24853\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19375\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22465\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23361\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24478\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22960\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22958\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22962\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22959\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22961\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28441\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22422\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22268\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22415\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28198\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28196\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22258\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22260\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-09T12:09:15.670Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32280\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-08T17:46:14.569488Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770 Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-08T17:45:30.925Z\"}}], \"cna\": {\"title\": \"Unexpected work during chain building in crypto/x509\", \"credits\": [{\"lang\": \"en\", \"value\": \"Jakub Ciolek - https://ciolek.dev\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/x509\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.2\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/x509\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Certificate.buildChains\"}, {\"name\": \"Certificate.Verify\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/758320\"}, {\"url\": \"https://go.dev/issue/78282\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4947\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-770: Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-04-08T01:06:58.595Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-32280\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-09T12:09:15.670Z\", \"dateReserved\": \"2026-03-11T16:38:46.555Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-04-08T01:06:58.595Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:22258
Vulnerability from csaf_redhat - Published: 2026-06-01 06:42 - Updated: 2026-07-14 05:56A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x | — |
Vendor Fix
fix
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 8 components for the multicluster engine for Kubernetes 2.8.7 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 8 integrates components for the general multicluster engine\nfor Kubernetes 2.8.7 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22258",
"url": "https://access.redhat.com/errata/RHSA-2026:22258"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22258.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 8 components for Multicluster Engine for Kubernetes 2.8.7",
"tracking": {
"current_release_date": "2026-07-14T05:56:46+00:00",
"generator": {
"date": "2026-07-14T05:56:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22258",
"initial_release_date": "2026-06-01T06:42:53+00:00",
"revision_history": [
{
"date": "2026-06-01T06:42:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-01T06:42:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-14T05:56:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.8",
"product": {
"name": "multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.8::el8"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3A77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1779910504"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3A0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1779910504"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3A9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1779910504"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-8-rhel8@sha256%3Ab9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-8-rhel8\u0026tag=1779910504"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T06:42:53+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.13.",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22258"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T06:42:53+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.13.",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22258"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:0578fe32759bccad07a8624017ee4629a21b3623393af20cc16f0819a0d71cf1_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:77ea535479c2c3e814107d03bd79f670c7c8ce641ff16482065ac7d5a9d818c3_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:9bcb737b6ba68fc378edaa56d3b20900807df3f463c45628f4f2bc12d099b03a_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-8-rhel8@sha256:b9ffe0abc4785e59a27e0a0d2b6e0c6f9242a73691800252d1c9741bfcc389b4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:22260
Vulnerability from csaf_redhat - Published: 2026-06-01 06:45 - Updated: 2026-07-14 05:56A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x | — |
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.8.7 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 9 integrates components for the general multicluster engine\nfor Kubernetes 2.8.7 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22260",
"url": "https://access.redhat.com/errata/RHSA-2026:22260"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22260.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.8.7",
"tracking": {
"current_release_date": "2026-07-14T05:56:47+00:00",
"generator": {
"date": "2026-07-14T05:56:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22260",
"initial_release_date": "2026-06-01T06:45:33+00:00",
"revision_history": [
{
"date": "2026-06-01T06:45:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-01T06:45:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-14T05:56:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.8",
"product": {
"name": "multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.8::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779951423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779951516"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779707524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Ab3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779951762"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779910129"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Adddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779951423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779951516"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779707524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779951762"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779910129"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779951423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779951516"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779707524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Aa013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779951762"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Aa94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779910129"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779951423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Ac84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779951516"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779707524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779951762"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779910129"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64 as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le as a component of multicluster engine for Kubernetes 2.8",
"product_id": "multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T06:45:33+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.13.",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22260"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T06:45:33+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.13.",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22260"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:18b8d484378161bc70f15f0e0148a1c4a54d3c3843b676bc4de766ecce005602_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:59781441af0a7b8dacb7bd3e96f145708138cc42d1bf35ad0d7be5309a9dd527_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:90d322c01dccbd64c89b117926db10355216a926448e33b1998b73dcd52c1701_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dddf9226f3e958a2d8cd9a34c57477adbdd85d87be8a416ff17a79c28656208d_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:199c0dbad44d8e7aec185a017c06b54472efd3ccba556c6a7d1f43cfe52eaf83_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4db21d9cd00d79bbab581beda640d75b80113cd0d3f3bd2592fdaeab8572119a_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:6f10fd242bacc0304f5e485b0caa779a9ddee62ff7511f7a2d02281745b9b832_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:7bd1972beb9149061fd238e6f5802bc90ac29cf46abbeffb1174c00da99c1fbf_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9ccd98456ed77735b40bfc15e60351c1392cf7a5fc43ba19c6c9535d40889cbd_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:9e8cfc4f388375dd3c925dc4378bf703ca8a4c8b1fab7b1265b90940bfbe34a3_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:a013400acf243733951e70e9c14111ade95b8eb6968cb7580859ba33e91c0b3b_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:b3fe27ef87a511566ae28f5247df9315e1f0809fd78d4a767494decbe960ee21_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:0c50fbc44a442c810d1c9999d3d45e858ce4c9b49ea047bc80a691a7b23e8252_ppc64le",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7036633b0a8c627df65b1cdcd1b9ec9acfaf3d621a6125bd7d24e0c0a88b5a80_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7541aaa488c30653e5ef3738c3bbad68aa32d62b968cbf82225f658ce073ee08_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:c84ba6175bdce3b74458c3831e8d01917acd5f3599f47a54936b6331063c6da7_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5a9521f8da26d292b340af25e3aaa6813ccbd332447530011ba0197cb922c683_s390x",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:76f9aeb931bde7710f763310488da882875c7e0228b1da41d1c74f24e7d1b2b5_amd64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:7f32362ab1f5f8923f326ee2e3711c156848803a0c3a11d5740d8206eb93b98a_arm64",
"multicluster engine for Kubernetes 2.8:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:a94a7be1120a24a70639cd6352204a1f496c71c53acc45c2730486dcde5c6869_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:22268
Vulnerability from csaf_redhat - Published: 2026-06-01 06:52 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.11.2 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 9 integrates components for the general multicluster engine\nfor Kubernetes 2.11.2 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22268",
"url": "https://access.redhat.com/errata/RHSA-2026:22268"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22268.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.11.2",
"tracking": {
"current_release_date": "2026-07-13T23:21:48+00:00",
"generator": {
"date": "2026-07-13T23:21:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22268",
"initial_release_date": "2026-06-01T06:52:41+00:00",
"revision_history": [
{
"date": "2026-06-01T06:52:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-01T06:52:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.11",
"product": {
"name": "multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.11::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779262690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779280267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779273320"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779280285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779991600"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Acba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779262690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779280267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779273320"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779280285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779991600"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779262690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779280267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779273320"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779280285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Ad2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779991600"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1779262690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Ae01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1779280267"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1779273320"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Ae91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1779280285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1779991600"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64 as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le as a component of multicluster engine for Kubernetes 2.11",
"product_id": "multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T06:52:41+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.16.",
"product_ids": [
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22268"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:240c2cef0fb030eab862e126582f17d611ae0af86761e1bd3ac5c7e6cbe957f6_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:5a280accb1fa857d4cc70a11f4adc0734cccd7bf0c430211a8271b03e6fb8c4b_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:72e0250d239399e9c9d3a6d520144a3fece3525c16900c3626a43050d9e36065_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:cba3abaa642778ac075083eee2f3b7be32d00e38865b7626a52613e50bfb3b64_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:188aef7eac5a0fc52d13d116b68129257ee6b2ef3659a72325aa579b773bd180_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2d0bae5716ae90f260522ec181eeeb214bd244f11705309bcc0d1663b86d42df_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:46d2b40907bedcca3a444920c33d7398a481d6321886a42ac8b5573ccf6be362_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:67e144e58d42b936c0a0fb3bf9ea155e54fbb3d208df538bc701da8252b54367_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:230ae99c97005f071eff0f292c39602bfbf5f529e138c61cc02a863dedde2990_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:30ace9f84abf5a77637474d4521f027c0850ea2f94cfb0221b3bd528b5a2257d_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:33d3b5ff3c0707067dc25c301c2ba0507fd87284b2ca2b0d90c9086155666cbf_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e91825acb3f57275633dad65e78b1a1d24523a9020848b8c45563ae68c16f35e_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:01340581dc3d52424f8c315a8348ace09750e79d02763ab156b9df209b37c40a_ppc64le",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:03e9dd3d7aa259e38936596b8645a4a4a24f2ab432b0b0255543ec4f6f964794_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a9075ce458efc08c71544731cfbf02aa31713143f413fe18e044133c1f42b8d_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e01bede648ea6294f65c9111ad62ca0efc93a426e36e3e341bbdd03ce0fa73f0_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:123096ce97e8bcf242bb1c99b003abf2daa400a3d046568556c69f4f09b13fe7_s390x",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3c66547641708220be348d6eb2e5c0eef33c36d39987964e4dbd130ce2b63694_amd64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:9930d9200b2e54b173c129dfc27dedde7d9921cc67383b059516be3074bf2901_arm64",
"multicluster engine for Kubernetes 2.11:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:d2e67dfff2b183eaeb15ce21e4fa44b38379c959fcc0d6cd3b94a8d948104edb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
}
]
}
RHSA-2026:22309
Vulnerability from csaf_redhat - Published: 2026-06-01 12:12 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rhc is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22309",
"url": "https://access.redhat.com/errata/RHSA-2026:22309"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22309.json"
}
],
"title": "Red Hat Security Advisory: rhc security update",
"tracking": {
"current_release_date": "2026-07-13T23:21:48+00:00",
"generator": {
"date": "2026-07-13T23:21:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22309",
"initial_release_date": "2026-06-01T12:12:38+00:00",
"revision_history": [
{
"date": "2026-06-01T12:12:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-01T12:12:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-devel-1:0.2.7-7.el9_8.aarch64",
"product": {
"name": "rhc-devel-1:0.2.7-7.el9_8.aarch64",
"product_id": "rhc-devel-1:0.2.7-7.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-devel@0.2.7-7.el9_8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"product": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"product_id": "rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debugsource@0.2.7-7.el9_8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"product": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"product_id": "rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debuginfo@0.2.7-7.el9_8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-1:0.2.7-7.el9_8.aarch64",
"product": {
"name": "rhc-1:0.2.7-7.el9_8.aarch64",
"product_id": "rhc-1:0.2.7-7.el9_8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.7-7.el9_8?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"product": {
"name": "rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"product_id": "rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-devel@0.2.7-7.el9_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"product": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"product_id": "rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debugsource@0.2.7-7.el9_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"product": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"product_id": "rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debuginfo@0.2.7-7.el9_8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-1:0.2.7-7.el9_8.ppc64le",
"product": {
"name": "rhc-1:0.2.7-7.el9_8.ppc64le",
"product_id": "rhc-1:0.2.7-7.el9_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.7-7.el9_8?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-devel-1:0.2.7-7.el9_8.s390x",
"product": {
"name": "rhc-devel-1:0.2.7-7.el9_8.s390x",
"product_id": "rhc-devel-1:0.2.7-7.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-devel@0.2.7-7.el9_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"product": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"product_id": "rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debugsource@0.2.7-7.el9_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"product": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"product_id": "rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debuginfo@0.2.7-7.el9_8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-1:0.2.7-7.el9_8.s390x",
"product": {
"name": "rhc-1:0.2.7-7.el9_8.s390x",
"product_id": "rhc-1:0.2.7-7.el9_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.7-7.el9_8?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-devel-1:0.2.7-7.el9_8.x86_64",
"product": {
"name": "rhc-devel-1:0.2.7-7.el9_8.x86_64",
"product_id": "rhc-devel-1:0.2.7-7.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-devel@0.2.7-7.el9_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"product": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"product_id": "rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debugsource@0.2.7-7.el9_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"product": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"product_id": "rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debuginfo@0.2.7-7.el9_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-1:0.2.7-7.el9_8.x86_64",
"product": {
"name": "rhc-1:0.2.7-7.el9_8.x86_64",
"product_id": "rhc-1:0.2.7-7.el9_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.7-7.el9_8?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-1:0.2.7-7.el9_8.src",
"product": {
"name": "rhc-1:0.2.7-7.el9_8.src",
"product_id": "rhc-1:0.2.7-7.el9_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.7-7.el9_8?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.7-7.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64"
},
"product_reference": "rhc-1:0.2.7-7.el9_8.aarch64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.7-7.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le"
},
"product_reference": "rhc-1:0.2.7-7.el9_8.ppc64le",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.7-7.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x"
},
"product_reference": "rhc-1:0.2.7-7.el9_8.s390x",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.7-7.el9_8.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src"
},
"product_reference": "rhc-1:0.2.7-7.el9_8.src",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.7-7.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64"
},
"product_reference": "rhc-1:0.2.7-7.el9_8.x86_64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"relates_to_product_reference": "AppStream-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.7-7.el9_8.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64"
},
"product_reference": "rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.7-7.el9_8.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64"
},
"product_reference": "rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-devel-1:0.2.7-7.el9_8.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64"
},
"product_reference": "rhc-devel-1:0.2.7-7.el9_8.aarch64",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-devel-1:0.2.7-7.el9_8.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le"
},
"product_reference": "rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-devel-1:0.2.7-7.el9_8.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x"
},
"product_reference": "rhc-devel-1:0.2.7-7.el9_8.s390x",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-devel-1:0.2.7-7.el9_8.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
},
"product_reference": "rhc-devel-1:0.2.7-7.el9_8.x86_64",
"relates_to_product_reference": "CRB-9.8.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T12:12:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T12:12:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22309"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.src",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"AppStream-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debuginfo-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-debugsource-1:0.2.7-7.el9_8.x86_64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.aarch64",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.ppc64le",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.s390x",
"CRB-9.8.0.Z.MAIN.EUS:rhc-devel-1:0.2.7-7.el9_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:22347
Vulnerability from csaf_redhat - Published: 2026-06-01 22:12 - Updated: 2026-07-14 05:56No description is available for this CVE.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Tempo. A remote attacker can exploit this vulnerability by sending large queries to the Tempo service. This can lead to excessive memory allocations, potentially causing a Denial of Service (DoS) by impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in NATS-Server, a high-performance messaging system. A remote attacker can exploit this vulnerability before authentication by sending a specially crafted WebSockets frame. This missing sanity check can trigger a server panic, leading to a Denial of Service (DoS) for affected deployments that use WebSockets and expose the network port to untrusted endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in NATS-Server. A remote attacker can exploit this vulnerability by connecting to a NATS-Server instance where the 'leafnode' configuration is enabled and compression is active. This pre-authentication flaw allows the attacker to trigger a server crash, resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
A flaw was found in NATS-Server. A remote attacker could exploit this vulnerability by manipulating MQTT (Message Queuing Telemetry Transport) Client IDs. This malfeasance allows for the hijacking of client sessions and messages. This could lead to unauthorized access to sensitive information or disruption of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in NATS-Server, a high-performance server for the NATS.io messaging system. For MQTT deployments utilizing usercodes and passwords, the MQTT passwords were mistakenly categorized as non-authenticating identity statements (JSON Web Tokens - JWT). This misclassification leads to the exposure of these passwords through monitoring endpoints, enabling an attacker with access to these endpoints to gain sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in NATS-Server. When Access Control Lists (ACLs) were configured for message subjects, these controls were not correctly applied within the `$MQTT.>` namespace. This oversight allows MQTT clients to bypass the intended ACL checks, potentially granting unauthorized access to sensitive message subjects. This vulnerability could lead to information disclosure or unauthorized message manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in NATS-Server, a high-performance messaging system. A remote attacker, by connecting to the leafnode port and sending a specially crafted malformed message before authentication, can cause the nats-server to crash. This vulnerability leads to a Denial of Service (DoS), making the server unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in NATS-Server. A malicious client connecting to the WebSockets port can cause unbounded memory use before authentication by sending a large amount of data. This resource exhaustion vulnerability can lead to a Denial of Service (DoS) for the server, making it unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in NATS-Server. If the NATS-Server is configured with static credentials provided through command-line arguments (argv) and the monitoring port is enabled, a remote attacker with access to the monitoring port can view these credentials. The /debug/vars endpoint on the monitoring port exposes an unredacted copy of the command-line arguments, leading to information disclosure of sensitive authentication details.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients. This allows them to access sensitive cluster topology information, disrupt operations through alarms, interfere with lease management, and trigger data compaction, leading to permanent data loss and disruption of critical workflows. This vulnerability can result in information disclosure and denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in goxmlsig, a Go library for XML Digital Signatures. This vulnerability arises from a programming error, specifically a loop variable capture issue, within the `validateSignature` function. When processing XML Digital Signatures, this error can cause the system to incorrectly validate the signature, potentially allowing an attacker to bypass integrity checks. This issue affects Go versions before 1.22 or projects using older `go.mod` configurations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Moby, an open-source container framework. This vulnerability allows for a privilege validation bypass during `docker plugin install`. Due to an error in the daemon's privilege comparison logic, the system may incorrectly accept a plugin's requested privileges that differ from those approved by the user. This could lead to unauthorized privilege escalation for installed plugins.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Moby, an open-source container framework. This security vulnerability allows attackers to bypass authorization plugins (AuthZ), which are mechanisms designed to control access and permissions within the container environment. The bypass of these plugins can lead to unauthorized operations and potential compromise of the system's integrity and confidentiality.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in github.com/gomarkdown/markdown, a Go library for parsing Markdown text and rendering as HTML. A remote attacker could exploit this vulnerability by providing a specially crafted malformed input. Specifically, input containing a '<' character not followed by a '>' character, when processed by the SmartypantsRenderer, can lead to an out-of-bounds read or a panic. This can result in a denial of service (DoS) for the application, making it unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
A flaw was found in the Apache Thrift TFramedTransport Go language implementation. This integer overflow or wraparound vulnerability could potentially allow an attacker to cause unexpected behavior or resource exhaustion, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Apache Thrift. This vulnerability involves improper validation of server certificates, where the hostname presented in the certificate does not match the expected hostname. A remote attacker could exploit this to impersonate a legitimate server, potentially intercepting or altering sensitive communications and leading to unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Apache Thrift. This out-of-bounds read vulnerability could allow an attacker to access memory outside of allocated bounds. This could lead to information disclosure or potentially a denial of service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Apache Thrift. This integer overflow or wraparound vulnerability could potentially lead to unexpected behavior or resource exhaustion, which may impact the availability or integrity of the system. The exact consequences depend on how the overflow is triggered and handled within the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Apache Thrift. An uncontrolled recursion vulnerability exists, which could allow a remote attacker to trigger a Denial of Service (DoS) condition. This occurs when the affected component processes specially crafted input, leading to excessive resource consumption and system unavailability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Apache Thrift. This out-of-bounds read vulnerability can lead to the disclosure of sensitive information or a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multicluster Global Hub v1.4.5 general availability release images, which provide security fixes, bug fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact of Important. \nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat multicluster global hub is a set of components that enable you to import one or more hub clusters and manage them from a single hub cluster.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22347",
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21728",
"url": "https://access.redhat.com/security/cve/CVE-2026-21728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27889",
"url": "https://access.redhat.com/security/cve/CVE-2026-27889"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29785",
"url": "https://access.redhat.com/security/cve/CVE-2026-29785"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32283",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32285",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33215",
"url": "https://access.redhat.com/security/cve/CVE-2026-33215"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33216",
"url": "https://access.redhat.com/security/cve/CVE-2026-33216"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33217",
"url": "https://access.redhat.com/security/cve/CVE-2026-33217"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33218",
"url": "https://access.redhat.com/security/cve/CVE-2026-33218"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33219",
"url": "https://access.redhat.com/security/cve/CVE-2026-33219"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33247",
"url": "https://access.redhat.com/security/cve/CVE-2026-33247"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33413",
"url": "https://access.redhat.com/security/cve/CVE-2026-33413"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33487",
"url": "https://access.redhat.com/security/cve/CVE-2026-33487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33810",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33813",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33997",
"url": "https://access.redhat.com/security/cve/CVE-2026-33997"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34040",
"url": "https://access.redhat.com/security/cve/CVE-2026-34040"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40890",
"url": "https://access.redhat.com/security/cve/CVE-2026-40890"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41602",
"url": "https://access.redhat.com/security/cve/CVE-2026-41602"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41603",
"url": "https://access.redhat.com/security/cve/CVE-2026-41603"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41604",
"url": "https://access.redhat.com/security/cve/CVE-2026-41604"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41605",
"url": "https://access.redhat.com/security/cve/CVE-2026-41605"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41606",
"url": "https://access.redhat.com/security/cve/CVE-2026-41606"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41607",
"url": "https://access.redhat.com/security/cve/CVE-2026-41607"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41636",
"url": "https://access.redhat.com/security/cve/CVE-2026-41636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-43869",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22347.json"
}
],
"title": "Red Hat Security Advisory: Multicluster Global Hub 1.4.5 security update",
"tracking": {
"current_release_date": "2026-07-14T05:56:47+00:00",
"generator": {
"date": "2026-07-14T05:56:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22347",
"initial_release_date": "2026-06-01T22:12:17+00:00",
"revision_history": [
{
"date": "2026-06-01T22:12:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-01T22:12:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-14T05:56:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Multicluster Global Hub 1.4.5",
"product": {
"name": "Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_globalhub:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "Multicluster Global Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779579439"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1779838819"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1779839447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-operator-bundle@sha256%3Afcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle\u0026tag=1779891163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779147132"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3Ae893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779579439"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1779838819"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1779839447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779147132"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3Acdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779579439"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3Af4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1779838819"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1779839447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779147132"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779579439"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1779838819"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3Ae558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1779839447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779147132"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-21728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T09:00:58.144273+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461395"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tempo. A remote attacker can exploit this vulnerability by sending large queries to the Tempo service. This can lead to excessive memory allocations, potentially causing a Denial of Service (DoS) by impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana/tempo: Tempo: Denial of Service via large queries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21728"
},
{
"category": "external",
"summary": "RHBZ#2461395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461395"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21728"
},
{
"category": "external",
"summary": "https://grafana.com/security/security-advisories/cve-2026-21728",
"url": "https://grafana.com/security/security-advisories/cve-2026-21728"
}
],
"release_date": "2026-04-24T08:00:47.074000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "grafana/tempo: Tempo: Denial of Service via large queries"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
},
{
"cve": "CVE-2026-27889",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-25T20:01:58.261703+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451447"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server, a high-performance messaging system. A remote attacker can exploit this vulnerability before authentication by sending a specially crafted WebSockets frame. This missing sanity check can trigger a server panic, leading to a Denial of Service (DoS) for affected deployments that use WebSockets and expose the network port to untrusted endpoints.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/nats-io/nats-server: NATS-Server: Denial of Service via malformed WebSockets frame",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27889"
},
{
"category": "external",
"summary": "RHBZ#2451447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27889",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27889"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-03.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-03.txt"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-pq2q-rcw4-3hr6",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-pq2q-rcw4-3hr6"
}
],
"release_date": "2026-03-25T19:36:36.370000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/nats-io/nats-server: NATS-Server: Denial of Service via malformed WebSockets frame"
},
{
"cve": "CVE-2026-29785",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-03-25T20:01:35.121898+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server. A remote attacker can exploit this vulnerability by connecting to a NATS-Server instance where the \u0027leafnode\u0027 configuration is enabled and compression is active. This pre-authentication flaw allows the attacker to trigger a server crash, resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/nats-io/nats-server: NATS-Server: Denial of Service via leafnode compression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29785"
},
{
"category": "external",
"summary": "RHBZ#2451444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29785",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29785"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-04.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-04.txt"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/commit/a1488de6f2ba6e666aef0f9cce0016f7f167d6a8",
"url": "https://github.com/nats-io/nats-server/commit/a1488de6f2ba6e666aef0f9cce0016f7f167d6a8"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-52jh-2xxh-pwh6",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-52jh-2xxh-pwh6"
}
],
"release_date": "2026-03-25T19:38:44.587000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/nats-io/nats-server: NATS-Server: Denial of Service via leafnode compression"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-32285",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:54.925687+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451846"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "RHBZ#2451846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://github.com/buger/jsonparser/issues/275",
"url": "https://github.com/buger/jsonparser/issues/275"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4514",
"url": "https://github.com/golang/vulndb/issues/4514"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4514",
"url": "https://pkg.go.dev/vuln/GO-2026-4514"
}
],
"release_date": "2026-03-26T19:40:51.837000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33215",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2026-03-24T22:01:19.032191+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server. A remote attacker could exploit this vulnerability by manipulating MQTT (Message Queuing Telemetry Transport) Client IDs. This malfeasance allows for the hijacking of client sessions and messages. This could lead to unauthorized access to sensitive information or disruption of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nats-server: NATS-Server: Session and message hijacking via MQTT Client ID malfeasance",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33215"
},
{
"category": "external",
"summary": "RHBZ#2451021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33215",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33215"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33215",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33215"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-06.tx",
"url": "https://advisories.nats.io/CVE/secnote-2026-06.tx"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-fcjp-h8cc-6879",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-fcjp-h8cc-6879"
}
],
"release_date": "2026-03-24T20:55:53.455000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nats-server: NATS-Server: Session and message hijacking via MQTT Client ID malfeasance"
},
{
"cve": "CVE-2026-33216",
"cwe": {
"id": "CWE-213",
"name": "Exposure of Sensitive Information Due to Incompatible Policies"
},
"discovery_date": "2026-03-25T20:02:03.000174+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451448"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server, a high-performance server for the NATS.io messaging system. For MQTT deployments utilizing usercodes and passwords, the MQTT passwords were mistakenly categorized as non-authenticating identity statements (JSON Web Tokens - JWT). This misclassification leads to the exposure of these passwords through monitoring endpoints, enabling an attacker with access to these endpoints to gain sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nats-server: github.com/nats-io/nats-server: NATS-Server: Information disclosure of MQTT passwords through monitoring endpoints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33216"
},
{
"category": "external",
"summary": "RHBZ#2451448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451448"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33216",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33216"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33216"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-05.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-05.txt"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/commit/b5b63cfc35a57075e09c1f57503d31721bed8099",
"url": "https://github.com/nats-io/nats-server/commit/b5b63cfc35a57075e09c1f57503d31721bed8099"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-v722-jcv5-w7mc",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-v722-jcv5-w7mc"
}
],
"release_date": "2026-03-25T19:41:55.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nats-server: github.com/nats-io/nats-server: NATS-Server: Information disclosure of MQTT passwords through monitoring endpoints"
},
{
"cve": "CVE-2026-33217",
"cwe": {
"id": "CWE-425",
"name": "Direct Request (\u0027Forced Browsing\u0027)"
},
"discovery_date": "2026-03-25T20:01:47.815937+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451446"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server. When Access Control Lists (ACLs) were configured for message subjects, these controls were not correctly applied within the `$MQTT.\u003e` namespace. This oversight allows MQTT clients to bypass the intended ACL checks, potentially granting unauthorized access to sensitive message subjects. This vulnerability could lead to information disclosure or unauthorized message manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nats-server: github.com/nats-io/nats-server: NATS-Server: Access control bypass via unapplied ACLs in MQTT namespace",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33217"
},
{
"category": "external",
"summary": "RHBZ#2451446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451446"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33217",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33217"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33217",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33217"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-07.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-07.txt"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-jxxm-27vp-c3m5",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-jxxm-27vp-c3m5"
}
],
"release_date": "2026-03-25T19:43:40.969000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nats-server: github.com/nats-io/nats-server: NATS-Server: Access control bypass via unapplied ACLs in MQTT namespace"
},
{
"cve": "CVE-2026-33218",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-25T20:02:13.680355+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server, a high-performance messaging system. A remote attacker, by connecting to the leafnode port and sending a specially crafted malformed message before authentication, can cause the nats-server to crash. This vulnerability leads to a Denial of Service (DoS), making the server unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nats-server: github.com/nats-io/nats-server: NATS-Server: Denial of Service via malformed message pre-authentication on leafnode port",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33218"
},
{
"category": "external",
"summary": "RHBZ#2451450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33218",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33218"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33218",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33218"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-10.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-10.txt"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-vprv-35vv-q339",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-vprv-35vv-q339"
}
],
"release_date": "2026-03-25T19:53:12.075000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nats-server: github.com/nats-io/nats-server: NATS-Server: Denial of Service via malformed message pre-authentication on leafnode port"
},
{
"cve": "CVE-2026-33219",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-25T20:01:41.235854+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451445"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server. A malicious client connecting to the WebSockets port can cause unbounded memory use before authentication by sending a large amount of data. This resource exhaustion vulnerability can lead to a Denial of Service (DoS) for the server, making it unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/nats-io/nats-server: NATS-Server: Denial of Service via unbounded memory use in WebSockets",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33219"
},
{
"category": "external",
"summary": "RHBZ#2451445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451445"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33219",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33219"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33219",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33219"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-02.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-02.txt"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-11.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-11.txt"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-qrvq-68c2-7grw",
"url": "https://github.com/advisories/GHSA-qrvq-68c2-7grw"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-8r68-gvr4-jh7j",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-8r68-gvr4-jh7j"
}
],
"release_date": "2026-03-25T19:55:28.363000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/nats-io/nats-server: NATS-Server: Denial of Service via unbounded memory use in WebSockets"
},
{
"cve": "CVE-2026-33247",
"cwe": {
"id": "CWE-214",
"name": "Invocation of Process Using Visible Sensitive Information"
},
"discovery_date": "2026-03-25T21:02:07.985713+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451486"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NATS-Server. If the NATS-Server is configured with static credentials provided through command-line arguments (argv) and the monitoring port is enabled, a remote attacker with access to the monitoring port can view these credentials. The /debug/vars endpoint on the monitoring port exposes an unredacted copy of the command-line arguments, leading to information disclosure of sensitive authentication details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/nats-io/nats-server: NATS-Server: Information disclosure of credentials via monitoring port and command-line arguments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33247"
},
{
"category": "external",
"summary": "RHBZ#2451486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451486"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33247",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33247"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33247",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33247"
},
{
"category": "external",
"summary": "https://advisories.nats.io/CVE/secnote-2026-14.txt",
"url": "https://advisories.nats.io/CVE/secnote-2026-14.txt"
},
{
"category": "external",
"summary": "https://github.com/nats-io/nats-server/security/advisories/GHSA-x6g4-f6q3-fqvv",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-x6g4-f6q3-fqvv"
}
],
"release_date": "2026-03-25T20:02:18.868000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/nats-io/nats-server: NATS-Server: Information disclosure of credentials via monitoring port and command-line arguments"
},
{
"cve": "CVE-2026-33413",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2026-03-26T14:03:01.896580+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451728"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients. This allows them to access sensitive cluster topology information, disrupt operations through alarms, interfere with lease management, and trigger data compaction, leading to permanent data loss and disruption of critical workflows. This vulnerability can result in information disclosure and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "etcd: etcd: Authorization bypass allows information disclosure and denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in etcd allows unauthorized users to bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients and etcd\u0027s built-in authentication is enabled. This can lead to information disclosure and denial of service. Typical Red Hat OpenShift Container Platform and Kubernetes deployments are not affected, as the Kubernetes API server handles authentication and authorization independently of etcd\u0027s internal mechanisms.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33413"
},
{
"category": "external",
"summary": "RHBZ#2451728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33413"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33413",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33413"
},
{
"category": "external",
"summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-q8m4-xhhv-38mg",
"url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-q8m4-xhhv-38mg"
}
],
"release_date": "2026-03-26T13:36:10.919000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Restrict network access to etcd server ports to ensure only trusted components can establish connections. Implement strong client identity at the transport layer, such as mTLS, with tightly scoped client certificate distribution. This will limit unauthorized access to etcd functions.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "etcd: etcd: Authorization bypass allows information disclosure and denial of service"
},
{
"cve": "CVE-2026-33487",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-26T18:02:32.278778+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in goxmlsig, a Go library for XML Digital Signatures. This vulnerability arises from a programming error, specifically a loop variable capture issue, within the `validateSignature` function. When processing XML Digital Signatures, this error can cause the system to incorrectly validate the signature, potentially allowing an attacker to bypass integrity checks. This issue affects Go versions before 1.22 or projects using older `go.mod` configurations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/russellhaering/goxmldsig: goxmlsig: Integrity bypass due to incorrect XML Digital Signature validation via loop variable capture issue",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33487"
},
{
"category": "external",
"summary": "RHBZ#2451814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33487"
},
{
"category": "external",
"summary": "https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-479m-364c-43vc",
"url": "https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-479m-364c-43vc"
}
],
"release_date": "2026-03-26T17:17:51.101000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/russellhaering/goxmldsig: goxmlsig: Integrity bypass due to incorrect XML Digital Signature validation via loop variable capture issue"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Go `crypto/x509` package that could allow an attacker to bypass certificate validation. The vulnerability arises from an incorrect application of excluded DNS constraints to wildcard DNS Subject Alternative Names (SANs) when their case differs from the constraint. This could lead to Red Hat products accepting malicious certificates from otherwise trusted chains, compromising the trust model.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
},
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
},
{
"cve": "CVE-2026-33997",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2026-03-31T03:01:29.529297+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453277"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Moby, an open-source container framework. This vulnerability allows for a privilege validation bypass during `docker plugin install`. Due to an error in the daemon\u0027s privilege comparison logic, the system may incorrectly accept a plugin\u0027s requested privileges that differ from those approved by the user. This could lead to unauthorized privilege escalation for installed plugins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An important flaw in Moby, an open-source container framework, allows for a privilege validation bypass during `docker plugin install`. This issue stems from an error in the daemon\u0027s privilege comparison logic, which could lead to unauthorized privilege escalation for installed plugins. Red Hat products that leverage Moby and allow Docker plugin installation are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33997"
},
{
"category": "external",
"summary": "RHBZ#2453277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33997"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33997",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33997"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/releases/tag/docker-v29.3.1",
"url": "https://github.com/moby/moby/releases/tag/docker-v29.3.1"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/security/advisories/GHSA-pxq6-2prw-chj9",
"url": "https://github.com/moby/moby/security/advisories/GHSA-pxq6-2prw-chj9"
}
],
"release_date": "2026-03-31T01:36:51.404000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation"
},
{
"cve": "CVE-2026-34040",
"cwe": {
"id": "CWE-807",
"name": "Reliance on Untrusted Inputs in a Security Decision"
},
"discovery_date": "2026-03-31T03:01:34.530713+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Moby, an open-source container framework. This security vulnerability allows attackers to bypass authorization plugins (AuthZ), which are mechanisms designed to control access and permissions within the container environment. The bypass of these plugins can lead to unauthorized operations and potential compromise of the system\u0027s integrity and confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moby: Moby: Authorization bypass vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34040"
},
{
"category": "external",
"summary": "RHBZ#2453278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34040"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/releases/tag/docker-v29.3.1",
"url": "https://github.com/moby/moby/releases/tag/docker-v29.3.1"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2",
"url": "https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2"
}
],
"release_date": "2026-03-31T01:36:48.205000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moby: Moby: Authorization bypass vulnerability"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-40890",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-04-21T20:02:56.729456+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460245"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/gomarkdown/markdown, a Go library for parsing Markdown text and rendering as HTML. A remote attacker could exploit this vulnerability by providing a specially crafted malformed input. Specifically, input containing a \u0027\u003c\u0027 character not followed by a \u0027\u003e\u0027 character, when processed by the SmartypantsRenderer, can lead to an out-of-bounds read or a panic. This can result in a denial of service (DoS) for the application, making it unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/gomarkdown/markdown: github.com/gomarkdown/markdown: Denial of Service via malformed Markdown input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw affecting Red Hat products that utilize the `github.com/gomarkdown/markdown` library. The vulnerability occurs when the `SmartypantsRenderer` processes specially crafted malformed Markdown input containing an unclosed \u0027\u003c\u0027 character, leading to an out-of-bounds read or application panic. A successful exploitation may lead the application using the library unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40890"
},
{
"category": "external",
"summary": "RHBZ#2460245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40890",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40890"
},
{
"category": "external",
"summary": "https://github.com/gomarkdown/markdown/commit/759bbc3e32073c3bc4e25969c132fc520eda2778",
"url": "https://github.com/gomarkdown/markdown/commit/759bbc3e32073c3bc4e25969c132fc520eda2778"
},
{
"category": "external",
"summary": "https://github.com/gomarkdown/markdown/security/advisories/GHSA-77fj-vx54-gvh7",
"url": "https://github.com/gomarkdown/markdown/security/advisories/GHSA-77fj-vx54-gvh7"
}
],
"release_date": "2026-04-21T19:51:53.237000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/gomarkdown/markdown: github.com/gomarkdown/markdown: Denial of Service via malformed Markdown input"
},
{
"cve": "CVE-2026-41602",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-28T10:01:16.099816+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Thrift TFramedTransport Go language implementation. This integer overflow or wraparound vulnerability could potentially allow an attacker to cause unexpected behavior or resource exhaustion, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41602"
},
{
"category": "external",
"summary": "RHBZ#2463407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41602",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41602"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/6",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/6"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:19:06.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation"
},
{
"cve": "CVE-2026-41603",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-04-28T10:01:29.782287+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463411"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves improper validation of server certificates, where the hostname presented in the certificate does not match the expected hostname. A remote attacker could exploit this to impersonate a legitimate server, potentially intercepting or altering sensitive communications and leading to unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: apache.com/apache/thrift: Apache Thrift: Security Bypass via Improper Certificate Hostname Validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41603"
},
{
"category": "external",
"summary": "RHBZ#2463411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463411"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41603",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41603"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/7",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/7"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:19:40.564000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: apache.com/apache/thrift: Apache Thrift: Security Bypass via Improper Certificate Hostname Validation"
},
{
"cve": "CVE-2026-41604",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2026-04-28T10:01:47.903741+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463416"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This out-of-bounds read vulnerability could allow an attacker to access memory outside of allocated bounds. This could lead to information disclosure or potentially a denial of service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: apache.com/apache/thrift: Apache Thrift: Out-of-bounds Read vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41604"
},
{
"category": "external",
"summary": "RHBZ#2463416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41604",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41604"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41604",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41604"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/5",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/5"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:20:13.996000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: apache.com/apache/thrift: Apache Thrift: Out-of-bounds Read vulnerability"
},
{
"cve": "CVE-2026-41605",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-28T10:01:54.269412+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This integer overflow or wraparound vulnerability could potentially lead to unexpected behavior or resource exhaustion, which may impact the availability or integrity of the system. The exact consequences depend on how the overflow is triggered and handled within the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Integer Overflow or Wraparound Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41605"
},
{
"category": "external",
"summary": "RHBZ#2463418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41605",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41605"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41605",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41605"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/4",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/4"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:20:44.319000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Integer Overflow or Wraparound Vulnerability"
},
{
"cve": "CVE-2026-41606",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-04-28T10:01:19.136351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463408"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. An uncontrolled recursion vulnerability exists, which could allow a remote attacker to trigger a Denial of Service (DoS) condition. This occurs when the affected component processes specially crafted input, leading to excessive resource consumption and system unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Denial of Service via uncontrolled recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41606"
},
{
"category": "external",
"summary": "RHBZ#2463408",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463408"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41606",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41606"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41606",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41606"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/3",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/3"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:21:12.815000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Denial of Service via uncontrolled recursion"
},
{
"cve": "CVE-2026-41607",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2026-04-28T10:01:33.022623+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463412"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This out-of-bounds read vulnerability can lead to the disclosure of sensitive information or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: apache.com/apache/thrift: Apache Thrift: Out-of-bounds Read vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41607"
},
{
"category": "external",
"summary": "RHBZ#2463412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41607",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41607"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41607",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41607"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/2",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/2"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:21:48.502000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: apache.com/apache/thrift: Apache Thrift: Out-of-bounds Read vulnerability"
},
{
"cve": "CVE-2026-41636",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-04-28T10:01:03.992199+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463404"
}
],
"notes": [
{
"category": "description",
"text": "Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache.com/apache/thrift: Apache Thrift: Node.js skip() recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41636"
},
{
"category": "external",
"summary": "RHBZ#2463404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41636"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/1",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/1"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:22:14.639000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache.com/apache/thrift: Apache Thrift: Node.js skip() recursion"
},
{
"cve": "CVE-2026-43869",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-05T08:00:56.417384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466660"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "RHBZ#2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r",
"url": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r"
}
],
"release_date": "2026-05-05T07:25:48.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-01T22:12:17+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:0b9dec4d176e5565b83022c319fd5d7182e75280b18ab26c8d7c93400590b49f_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:1c700922d285d2c4d08f2288c7c349c96ce58d4320ea9357a746ef7370cb58fe_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:90d4bf9aff2231c853329b597cadf7bf05abd2ca2b11f8edda409155447af981_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f4186f245542f4c8bbe65958c053737d201318c94077d56b22bdcf01207109e1_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0465ebb0af8b850f3266a5e3400b269d420a6280cb6b883a606f9b588c102acc_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:7e2f0f5047b68c0c095994c26952a22e282c5a903cdd777310ef2bc7341cd22e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:cdd8450206b5ffc96f1ca6e0b3ab7b582abf47aad8ece474eb14a035fb355d35_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:e893adfe11d4ace5f9ae4dc1d1b31a8a3c5d1a0c42f033f4d34c452ec294c608_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:06b139d24be23e09faa76eaa046a44985761256e5d4cd066e141a0f559c2eeb6_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:302f8ed5a96fed437997968b1f176d82a47ed82915b4dfa533d18bb0d862a47c_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6e453cd26458e3ae936c315676c3821027e58f2839dbc961b06f67b2107360_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:e558cd17db0182d6d4cdbc225a1865c80a0f60e8b5dbfcd2d8c0d9a5a35207f3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:fcc094ea7d3ea843c9844c02e432cfc3057a60c67b0b11aa94024452b9d04654_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:3424285f784830793954fbbe211595acc20e8b22908bb3b777c872ad26603223_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:4d826566a79f4334947f04518e77c2c047127c734d6512bfaf3c2a9b3da47b1c_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:82eb20a578cc227af2c38d51829d82854b60ec92a18d97df0a28ca5a7f9cfab1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:9726e04b4c8cb8cb46368b8901dd9dc692a811f93b6020a055040b1c5c9b3f6a_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20e13782a2f6da9e44085635d93c45c6a62bf37cbfc6370d48ebdfb344688bb1_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:2c45a63b55be2e157cf20129502707955fe9d0ff7b7dd970ee48a2875f2df134_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:71c48f9833ee51bfea877223a14073bd79839b5d0dd85867188fbd908ae23f31_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:81949f5fee45799df9566ec4031893c1bf4f9f2d22920591056cf4129bbd54af_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation"
}
]
}
RHSA-2026:22415
Vulnerability from csaf_redhat - Published: 2026-06-02 06:45 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.17.0 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 9 integrates components for the general multicluster engine\nfor Kubernetes 2.17.0 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22415",
"url": "https://access.redhat.com/errata/RHSA-2026:22415"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22415.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.17.0",
"tracking": {
"current_release_date": "2026-07-13T23:21:49+00:00",
"generator": {
"date": "2026-07-13T23:21:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22415",
"initial_release_date": "2026-06-02T06:45:57+00:00",
"revision_history": [
{
"date": "2026-06-02T06:45:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-02T06:46:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.17",
"product": {
"name": "multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.17::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Adfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780153178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780298958"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780299027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Af36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780298980"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780297056"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780153178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780298958"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3Ac951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780299027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780298980"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780297056"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Aa18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780153178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Aaaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780298958"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780299027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780298980"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780297056"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Af3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780153178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Acb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780298958"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780299027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780298980"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Ae9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780297056"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64 as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x as a component of multicluster engine for Kubernetes 2.17",
"product_id": "multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T06:45:57+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.17/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.17/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.17.",
"product_ids": [
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22415"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:73e2fa81283566d7a7e815c478924e54a53ebb4392f253b14f16a62667bcdf45_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:a18381897205dbbcc7d0f703baffd77ff9102f1b5a9da60bf7ca1006a8f9c0b1_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:dfc63b1ac74fd0d568a1aa513376a741f909f62276edcb28981ad7b82ce25f2c_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f3856351a9827a63ca2548b4fa1b6a8206b75635957d597d610582d99ceb2d7a_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10be9fbec807b14c4d2ed0ef68ce01fe9125aac57698a550f6049d0e32a83f10_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:34941086cc098a607cd45114365ab8e68bc78a41c4f7f521f9ed44f27176ad64_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:60db01bae2dc9030f74814c4d6cc57216a2279bf1e752fad0c44a3e5c81da813_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:c951d1a079c70504858aa384c3ee07a68375ce363585803e9630ede6e64b85a5_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:285635963834911b48abffd3aad1d015ee6da0d00fb97fbef05a2acf40e77d6d_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:3a5a26c81fbb9eaf7d5d9e32faada021f2506cfa50a484193ac6f7a6e6ef7240_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:85a2360a2e9f396e77762b548e2b82e1e0b6e98ae28e4ca64232e0578b142bc6_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f36031392780c050379ee53334d5638dc511a27e71b1e9f29edb829967b64816_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:434b787c46060337e557b0f9d4907ea7939ce393c7e136292a84889da9e2c684_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:9ba60d6db6847b79dd273e5c6cda79bc7df146ca78694b489e516b2bcded3af6_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:aaaa3ebb03fa81569ac24b1e9067b1a15375532d738a04034425fd0be7cc1760_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:cb8f70ddcd8943a4aad7d8c35672f01d7826c312b9634b6abf51ddea804c0f13_s390x",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:246f0c4c5ed0596046e0e1a182e95f839e3c60ea70626dd4dbc96dbfa9f420ef_ppc64le",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:5378a1adb83ce50d43a2144472902bf6ad653e00004c611254e1e990f6cba9f5_amd64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:6ff63c0f7b566a1d05ffcc9cf3dd634770f029acd4a00c28827013ccb5f5a864_arm64",
"multicluster engine for Kubernetes 2.17:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:e9372558816be2996ec2a19f1e1af322132022d5021922ef8073e2cd337ea9dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
}
]
}
RHSA-2026:22422
Vulnerability from csaf_redhat - Published: 2026-06-02 07:35 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.3 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 9 integrates components for the general multicluster engine\nfor Kubernetes 2.10.3 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22422",
"url": "https://access.redhat.com/errata/RHSA-2026:22422"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22422.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.3",
"tracking": {
"current_release_date": "2026-07-13T23:21:50+00:00",
"generator": {
"date": "2026-07-13T23:21:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22422",
"initial_release_date": "2026-06-02T07:35:55+00:00",
"revision_history": [
{
"date": "2026-06-02T07:35:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-02T07:36:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.10",
"product": {
"name": "multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.10::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780383138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Ab9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780382908"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780383049"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780383189"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Af7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780106633"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780383138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Af775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780382908"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780383049"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Adc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780383189"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780106633"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Ad67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780383138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780382908"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780383049"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780383189"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780106633"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-image-service-rhel9\u0026tag=1780383138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-rhel9\u0026tag=1780382908"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9\u0026tag=1780383049"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Ae32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9\u0026tag=1780383189"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine/assisted-service-9-rhel9\u0026tag=1780106633"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T07:35:55+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.15.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22422"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:334ef53e1e7054c86f691aa9a04ae13994d7dc778da3bd4e292d02513b5e4bf8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:45966dfd3059467b9a43ca8d2ff8b864fd58ef09ad0405f61329a69486222fe3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:711352a13eadef04e0d57fd6c9a699da9924f65ecb1a8368dabd3cbe6bcef835_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:d67530d9db7c7976ebb682f5dd71713896ae0f34a305d094fcf465eb12520846_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:1cce0b4d8ea02811182974ca3ffb74a4455111d0af0d62b76f8fc143c4679c35_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:45358b0f7da8665aad68ce19773827a07a9926dabdb33ecf8de6e21652de001c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:4625e34eb7fe3ec65b9e9917557f24e5b9609c03944b8d5802a152b1d8bfea8d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:74dcc8ba742e05f77478e9b9b272b6e7cf6b1259fa04ee52613df925250be3a9_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:0273ab4a51c9860b8e72c0cb5c29eec7ca3a8b64465d33e2866d1bf750e536e7_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:8bc040680e14c429ed6ff5150295e2a9a41be02e1aedd14177e58b7ba4545a2f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:dc6ce88161aee0e2d9de97cac68a692dc14b6cdee1e8cd6825d5a5afab75832b_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e32ab427867c26eb7a63bdd12c46bb9c89c2a7c5cdeefc0e548b1812075e4d93_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6a0fdf9790f5657551b2db36c08df9845a474a834c188afd173038fcd26d88bf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6b50176e0e4bfb3d382101e06085bc606806290fa2a9b82c5439dd5f103de3a7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:b9c4d9ae302edec84e7dd634c6a2166c35753d96ff49325d918acae2d5353089_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f775ff0d556d9b052c19035e0d227025e5a65c4395794fe725ccd46022e31d4d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3b3f76b1de8ea85b5f941a869a7e7ba202afdbbc436c070fd91819b9f04be890_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:71a13b2ca48a940d9c73ab43c9c855da6b8f34ffe72975797865f2a4ea2b69d6_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:8b26ed3030afd3da20640f855979059ceb523743e57f3d8f4406e1ee15f01d3e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:f7c2134ef6e55d4e06b3dad17d583ab35ef50bd27c36dd3ca1c59b2c5f48b122_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
}
]
}
RHSA-2026:22465
Vulnerability from csaf_redhat - Published: 2026-06-02 13:10 - Updated: 2026-07-14 05:56A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
No description is available for this CVE.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update(). A remote attacker could exploit this to cause a buffer overflow, potentially leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library's failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.17.2 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.17.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22465",
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32589",
"url": "https://access.redhat.com/security/cve/CVE-2026-32589"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32590",
"url": "https://access.redhat.com/security/cve/CVE-2026-32590"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33747",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39892",
"url": "https://access.redhat.com/security/cve/CVE-2026-39892"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40192",
"url": "https://access.redhat.com/security/cve/CVE-2026-40192"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22465.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.17.2",
"tracking": {
"current_release_date": "2026-07-14T05:56:49+00:00",
"generator": {
"date": "2026-07-14T05:56:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22465",
"initial_release_date": "2026-06-02T13:10:36+00:00",
"revision_history": [
{
"date": "2026-06-02T13:10:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-02T13:10:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-14T05:56:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.17",
"product": {
"name": "Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=1778601504"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=1778601553"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3Ae2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3Ac38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=1779929597"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Aeb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ab3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a?arch=arm64\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Ace7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3Aa24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110?arch=arm64\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ad59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Ab6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Af932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3A18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812?arch=ppc64le\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ae1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel9\u0026tag=1778599991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel9\u0026tag=1778599998"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=1778600428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel9\u0026tag=1778599977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75?arch=s390x\u0026repository_url=registry.redhat.io/quay/clair-rhel9\u0026tag=1778600005"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Ad05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel9\u0026tag=1778839890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5?arch=s390x\u0026repository_url=registry.redhat.io/quay/quay-rhel9\u0026tag=1779922205"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64 as a component of Red Hat Quay 3.17",
"product_id": "Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64",
"relates_to_product_reference": "Red Hat Quay 3.17"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"acknowledgments": [
{
"names": [
"Antony Di Scala",
"Michael Whale"
]
}
],
"cve": "CVE-2026-32589",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2026-03-12T14:43:07.878000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2446963"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Quay\u0027s container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user\u0027s in-progress image upload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mirror-registry: quay: insecure direct object reference in BlobUpload",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation requires valid login credentials to the Quay registry. Unauthenticated users cannot exploit this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32589"
},
{
"category": "external",
"summary": "RHBZ#2446963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32589",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32589"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32589"
}
],
"release_date": "2026-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mirror-registry: quay: insecure direct object reference in BlobUpload"
},
{
"acknowledgments": [
{
"names": [
"Antony Di Scala",
"Michael Whale"
]
}
],
"cve": "CVE-2026-32590",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2026-03-12T14:43:11.443000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2446964"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Quay\u0027s handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mirror-registry: remote code execution using pickle deserialization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation requires valid login credentials. The attacker must be authenticated to the registry, either through the web interface or through a container tool such as Podman.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32590"
},
{
"category": "external",
"summary": "RHBZ#2446964",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446964"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32590",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32590"
}
],
"release_date": "2026-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mirror-registry: remote code execution using pickle deserialization"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33747",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-27T02:01:29.921765+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452076"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "RHBZ#2452076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452076"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33747",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33747"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
"url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj",
"url": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj"
}
],
"release_date": "2026-03-27T00:49:06.165000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid using untrusted BuildKit frontends. Restrict the use of custom BuildKit frontends to only those from verified and trusted sources. Do not specify untrusted frontends via `#syntax` or `--build-arg BUILDKIT_SYNTAX`.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend"
},
{
"cve": "CVE-2026-33894",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:52.462999+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452464"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "RHBZ#2452464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"category": "external",
"summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"release_date": "2026-03-27T20:45:49.583000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-39892",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-08T22:00:59.416053+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update(). A remote attacker could exploit this to cause a buffer overflow, potentially leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In default configurations Red Hat products isolate service processes from total system access. Should an attacker be able to exploit this vulnerability their impact will be limited to that service account and they will not have access to the broader system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39892"
},
{
"category": "external",
"summary": "RHBZ#2456735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39892",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39892"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/08/12",
"url": "http://www.openwall.com/lists/oss-security/2026/04/08/12"
},
{
"category": "external",
"summary": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5",
"url": "https://github.com/pyca/cryptography/commit/622d672e429a7cff836a23c5903683dbec1901f5"
},
{
"category": "external",
"summary": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq"
}
],
"release_date": "2026-04-08T20:49:41.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API"
},
{
"cve": "CVE-2026-40192",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-04-16T00:00:49.590876+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458856"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library\u0027s failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory consumption, causing the system to crash or experience severe performance issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40192"
},
{
"category": "external",
"summary": "RHBZ#2458856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40192",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628",
"url": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/pull/9521",
"url": "https://github.com/python-pillow/Pillow/pull/9521"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j"
},
{
"category": "external",
"summary": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb",
"url": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb"
}
],
"release_date": "2026-04-15T22:53:56.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing"
},
{
"cve": "CVE-2026-40895",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2026-04-21T21:02:33.280553+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460297"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "RHBZ#2460297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
}
],
"release_date": "2026-04-21T19:59:59.759000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
},
{
"cve": "CVE-2026-42033",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:20.937507+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461607"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "RHBZ#2461607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
}
],
"release_date": "2026-04-24T17:36:44.132000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
},
{
"cve": "CVE-2026-42035",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:17.109481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "RHBZ#2461606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
}
],
"release_date": "2026-04-24T17:38:07.752000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
},
{
"cve": "CVE-2026-42039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T19:01:44.887156+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "RHBZ#2461630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
}
],
"release_date": "2026-04-24T18:01:30.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
},
{
"cve": "CVE-2026-42041",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:41.034289+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "RHBZ#2461629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
"url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
}
],
"release_date": "2026-04-24T17:55:30.036000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
},
{
"cve": "CVE-2026-42043",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-24T19:01:22.552379+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: NO_PROXY bypass via crafted URL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "RHBZ#2461626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
}
],
"release_date": "2026-04-24T17:54:42.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: NO_PROXY bypass via crafted URL"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T13:10:36+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:3a55b3ec35c4a8e6359043566b86376871be774355cf8f09b442b268b5f2243a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:5821c6d9fc1efb01b375cd59017be0ab7adb1794e8ab92b03387e7930d73fd75_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:97f144ef4b31ee6cfb154555c6f15ef4184bebf9298b440eb604228435513c79_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/clair-rhel9@sha256:c38a3a6547c9da624e72c0a5092fba5668a66a9b2f440808b8b6f100fa1d1ae8_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:844173e5e8d469ff53b4741735f12c262f70122a83e1a3b44287633f87d922f9_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:07ac14b5985a6d1aab2ad58d0ed6fcd94a538de1c9bd171bc4a4162b2ade6a62_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:53294b9f3b327dcd9cd5e2188d0ee4b0861c00923421de85319f2dc442ce7508_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:8e927b2102b2d5cd45629790d16c5ada1cc327b6a64acb33d36e2c4f7fbd9912_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b6ca818876d348e6204c808d141be0190946279851a00eb4211888e945c90f80_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:7914cfbd30aa0ca0a25b72387ef420879f6eb890b607c88b75f6aa1c9528ed2a_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8838c17d3bb0b1490e23866c3ebc3a7c212d381aab4df0d519a8ea2d6099ae3b_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8dded1d8b749a07ff9400399ba8a005d59258eb896b9ff66014587e5b8dd63f6_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f932e889884451edf02937c8c7b858c15542d8f49bed07414c01e9bf4e879bd4_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:466b8c2341eb4d2f6c6dd02c7403e5d96fb011b192b9d3bd1d9519855dee1e5c_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:661fb709bf1bf1b391534159a8df1567245cc791f069035f3c6531ee536cebf8_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:805855fd0e19fcb41d0ee649196ac2eefd19a7af1394c643d1981db033517e27_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-builder-rhel9@sha256:e2e5b4773f22bf9205096f15b3a2275f748c0c3f00f1c480e4f336615a5cea91_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4aea7185e69a0d0c235cb7d1ee55c9bf4336fe8c2a5a911a9e298d56673f847c_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:0db0854b0aebfbc40f819ee94fadea510ed5b8294a16af0eee88880129d52587_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:b3b93f33b172be548f93e48755e0a88e88de33cbe2d65858ee93c5c5fefa5c1f_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d59de91f679cc4b70d2093d717dbdf3f8bef7322de1d43f7db2470cff1f022e0_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e1d6574191585e5cc4416c8c6efd5b4dad26b6dba4c54ca4008f8d314d59145d_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-bundle@sha256:706312389cb29f050fbb20ad327d0cdd2adc526fb32346abe1a6e98d64323bfd_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:18eda16fdd54b45a3fe484542d20fb1b1b4fd5b9e38c79d70dc11b4c0e1bab03_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:ce7a9853fdd031d67e796becced393855e1944ecd9e8acb2d589403834d0b7f1_arm64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:d05c09022220346d62bc4dc57984c7368994d317d5745139191d6aba70599883_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-operator-rhel9@sha256:eb037e300339377b57b964f05c5988b3d8f5a1a8fb63a3e167de6b68dc875e1f_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:65c631d107c264bef8a74336077b413609da4cfc37c8c9488afdcaa0df07dad5_s390x",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:8c7f4a453b3414c2d3457f2a8c65b67c70dd55e4bf7a31a9f3674865af5e1da1_amd64",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:9e4588550a0e266f7598eb4af1dd020629357ffd305a02d8e7765114c7210812_ppc64le",
"Red Hat Quay 3.17:registry.redhat.io/quay/quay-rhel9@sha256:a24c973edd52d4a418d415d54108cf44f495a969db1d0f6e5b6149e0a6021110_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
}
]
}
RHSA-2026:22485
Vulnerability from csaf_redhat - Published: 2026-06-02 14:17 - Updated: 2026-07-14 05:24A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64 | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64 | — |
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64 | — |
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64 | — |
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64 | — |
Workaround
|
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Lightspeed (formerly Insights) for Runtimes on RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for Red Hat Lightspeed (formerly Insights) for Runtimes on RHEL 9.\n\nSecurity fix(es):\n\n* gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n* crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n* internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n* crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n* crypto/x509: crypto/tls: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n* crypto/x509: Certificate validation bypass due to incorrect DNS constraint application (CVE-2026-33810)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22485",
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32283",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33810",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22485.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Lightspeed (formerly Insights) for Runtimes security update",
"tracking": {
"current_release_date": "2026-07-14T05:24:27+00:00",
"generator": {
"date": "2026-07-14T05:24:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22485",
"initial_release_date": "2026-06-02T14:17:27+00:00",
"revision_history": [
{
"date": "2026-06-02T14:17:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-02T14:17:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-14T05:24:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product": {
"name": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product_id": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Lightspeed (formerly Insights) for Runtimes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"product": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"product_id": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/runtimes-inventory-rhel9-operator@sha256%3A77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8?arch=amd64\u0026repository_url=registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator\u0026tag=1.0.3-1779996197"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"product": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"product_id": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/runtimes-inventory-operator-bundle@sha256%3A0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d?arch=amd64\u0026repository_url=registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle\u0026tag=1.0.3-1779996840"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64",
"product": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64",
"product_id": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/runtimes-inventory-rhel9-operator@sha256%3Ac7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b?arch=arm64\u0026repository_url=registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator\u0026tag=1.0.3-1779996197"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"product": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"product_id": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/runtimes-inventory-rhel9-operator@sha256%3Ab362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45?arch=ppc64le\u0026repository_url=registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator\u0026tag=1.0.3-1779996197"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"product": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"product_id": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/runtimes-inventory-rhel9-operator@sha256%3Abb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb?arch=s390x\u0026repository_url=registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator\u0026tag=1.0.3-1779996197"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64 as a component of Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product_id": "Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
},
"product_reference": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"relates_to_product_reference": "Red Hat Lightspeed (formerly Insights) for Runtimes 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64 as a component of Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product_id": "Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64"
},
"product_reference": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"relates_to_product_reference": "Red Hat Lightspeed (formerly Insights) for Runtimes 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le as a component of Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product_id": "Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le"
},
"product_reference": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"relates_to_product_reference": "Red Hat Lightspeed (formerly Insights) for Runtimes 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x as a component of Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product_id": "Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x"
},
"product_reference": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"relates_to_product_reference": "Red Hat Lightspeed (formerly Insights) for Runtimes 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64 as a component of Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"product_id": "Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
},
"product_reference": "registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64",
"relates_to_product_reference": "Red Hat Lightspeed (formerly Insights) for Runtimes 1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"known_not_affected": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T14:17:27+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"known_not_affected": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T14:17:27+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"known_not_affected": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T14:17:27+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"known_not_affected": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T14:17:27+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"known_not_affected": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T14:17:27+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Go `crypto/x509` package that could allow an attacker to bypass certificate validation. The vulnerability arises from an incorrect application of excluded DNS constraints to wildcard DNS Subject Alternative Names (SANs) when their case differs from the constraint. This could lead to Red Hat products accepting malicious certificates from otherwise trusted chains, compromising the trust model.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"known_not_affected": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-02T14:17:27+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22485"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-operator-bundle@sha256:0afe9ca958403340a8ab4d89e07c4b685ea69cbfd5b94c3bc76b5db85afd152d_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:77f1e202337d716cd2fe7a6701efdeed9cae719f3dfdadf7a0fd4574a11b6ed8_amd64",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:b362fa9e2a18aa84f2393cce8555d34a9c8de822c65756897717ad54e2aa7c45_ppc64le",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:bb7ee5838e15f9a31c12af6f4629bb90ac0b41eeee98e0bac4642c6a764944cb_s390x",
"Red Hat Lightspeed (formerly Insights) for Runtimes 1:registry.redhat.io/rh-lightspeed-runtimes/runtimes-inventory-rhel9-operator@sha256:c7d68fdde482c4df1768b99ca6cb6fb358410a152020aca8cfac27bcf77d813b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
}
]
}
RHSA-2026:22709
Vulnerability from csaf_redhat - Published: 2026-06-03 07:32 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:22709",
"url": "https://access.redhat.com/errata/RHSA-2026:22709"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22709.json"
}
],
"title": "Red Hat Security Advisory: osbuild-composer security update",
"tracking": {
"current_release_date": "2026-07-13T23:21:50+00:00",
"generator": {
"date": "2026-07-13T23:21:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:22709",
"initial_release_date": "2026-06-03T07:32:51+00:00",
"revision_history": [
{
"date": "2026-06-03T07:32:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-03T07:32:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-7.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-7.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-7.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-7.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-7.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-7.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-7.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-7.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-7.el9_6.src",
"product": {
"name": "osbuild-composer-0:132.2-7.el9_6.src",
"product_id": "osbuild-composer-0:132.2-7.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-7.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-7.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-7.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-7.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-7.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-7.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-7.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-7.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-7.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-7.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-7.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-7.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-7.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-7.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-7.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-7.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-7.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "osbuild-composer-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer@132.2-7.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-core-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core@132.2-7.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker@132.2-7.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debugsource@132.2-7.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-core-debuginfo@132.2-7.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-debuginfo@132.2-7.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-tests-debuginfo@132.2-7.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"product": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"product_id": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/osbuild-composer-worker-debuginfo@132.2-7.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-7.el9_6.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src"
},
"product_reference": "osbuild-composer-0:132.2-7.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-core-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
},
"product_reference": "osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-03T07:32:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22709"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-03T07:32:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22709"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-03T07:32:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:22709"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.src",
"AppStream-9.6.0.Z.EUS:osbuild-composer-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-core-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-debugsource-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-tests-debuginfo-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-0:132.2-7.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:osbuild-composer-worker-debuginfo-0:132.2-7.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.